732ba8ceafdaa0e750f3fe581f04660853a4c3641a66f4bdd2411520618e6b8e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9bc16be38ebc8531d6d170bf1c8814a0
Size

48KB
Sample

240214-qdmb1sce88
MD5

9bc16be38ebc8531d6d170bf1c8814a0
SHA1

d4b316b46040edcccd9fea1530ecca7bc21c2f5c
SHA256

732ba8ceafdaa0e750f3fe581f04660853a4c3641a66f4bdd2411520618e6b8e
SHA512

f8f64ea58d2ed8762a6ebc30a445ccbf0586dd3579edcb6bc3af9edf7d5eb5bf0787bfd9f2ffbc9339cd4351aa4f1bb85cb53287f5629ffd74615655a1e1bb52
SSDEEP

768:EKdjVYH2LdFu1t/Vt8yDZsYFfBvo+V+lDhHiI:EKdjVYH+Fuz/P8y1pBv3+lBiI

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  9bc16be38ebc8531d6d170bf1c8814a0
- Size
  
  48KB
- MD5
  
  9bc16be38ebc8531d6d170bf1c8814a0
- SHA1
  
  d4b316b46040edcccd9fea1530ecca7bc21c2f5c
- SHA256
  
  732ba8ceafdaa0e750f3fe581f04660853a4c3641a66f4bdd2411520618e6b8e
- SHA512
  
  f8f64ea58d2ed8762a6ebc30a445ccbf0586dd3579edcb6bc3af9edf7d5eb5bf0787bfd9f2ffbc9339cd4351aa4f1bb85cb53287f5629ffd74615655a1e1bb52
- SSDEEP
  
  768:EKdjVYH2LdFu1t/Vt8yDZsYFfBvo+V+lDhHiI:EKdjVYH+Fuz/P8y1pBv3+lBiI
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2