744c68306b42089e9aa6521db82dbafca142d642b8c7eb0c9b6747bf68d0b8d3 | Triage

Sharing

General

Target

9b51a5efe3ee8ab6d2ce19e4e56d0357
Size

211KB
Sample

240214-lfzb5seg6w
MD5

9b51a5efe3ee8ab6d2ce19e4e56d0357
SHA1

35d876a14a3a8f7a15e4f39a7cbbce6b1f35078f
SHA256

744c68306b42089e9aa6521db82dbafca142d642b8c7eb0c9b6747bf68d0b8d3
SHA512

9458551ccd0c57f3de817e8132fc30f0325080a44d2c8eed9065f14419957868a3016f628629e3f81ec6978880a4b9b4399647e45c9611518fec45fcf66d3f31
SSDEEP

3072:0GwPsm1VrwxOsf0juzv8j4P1Hr6krr4IEhx9QZe2gO9mG9UHA30Vt3E/vDjb:0G/iVkO20SFgBhxtW9mG9+Umt3Ezjb

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  9b51a5efe3ee8ab6d2ce19e4e56d0357
- Size
  
  211KB
- MD5
  
  9b51a5efe3ee8ab6d2ce19e4e56d0357
- SHA1
  
  35d876a14a3a8f7a15e4f39a7cbbce6b1f35078f
- SHA256
  
  744c68306b42089e9aa6521db82dbafca142d642b8c7eb0c9b6747bf68d0b8d3
- SHA512
  
  9458551ccd0c57f3de817e8132fc30f0325080a44d2c8eed9065f14419957868a3016f628629e3f81ec6978880a4b9b4399647e45c9611518fec45fcf66d3f31
- SSDEEP
  
  3072:0GwPsm1VrwxOsf0juzv8j4P1Hr6krr4IEhx9QZe2gO9mG9UHA30Vt3E/vDjb:0G/iVkO20SFgBhxtW9mG9+Umt3Ezjb
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2