a94ed2eb9bfc8524a165d86201349d0d2115291c7115551367c14a468ffc1f87 | Triage

Sharing

General

Target

a33a5184ac34a6a519f0320484c549b5
Size

270KB
Sample

240225-jfyphaff5y
MD5

a33a5184ac34a6a519f0320484c549b5
SHA1

237f1bc4400e221faf4e4947b2e1ce51481a1c2e
SHA256

a94ed2eb9bfc8524a165d86201349d0d2115291c7115551367c14a468ffc1f87
SHA512

035090ee85e18e1649d785f8790c0d1b7cedea6267a4022367a08fe70dd10172a8ff619deb30d185c6f3dd114217eb2a71dbee1f0de022f720ea9d220c626289
SSDEEP

6144:es+IN9RS6LTa9Ar37L2We1zwYVlEkdqY/nMmS6H5el8BJN:fHMwm9AHebVKkdrH5eyr

Score

10^/10

persistence upx

Malware Config

Targets

- Target
  
  a33a5184ac34a6a519f0320484c549b5
- Size
  
  270KB
- MD5
  
  a33a5184ac34a6a519f0320484c549b5
- SHA1
  
  237f1bc4400e221faf4e4947b2e1ce51481a1c2e
- SHA256
  
  a94ed2eb9bfc8524a165d86201349d0d2115291c7115551367c14a468ffc1f87
- SHA512
  
  035090ee85e18e1649d785f8790c0d1b7cedea6267a4022367a08fe70dd10172a8ff619deb30d185c6f3dd114217eb2a71dbee1f0de022f720ea9d220c626289
- SSDEEP
  
  6144:es+IN9RS6LTa9Ar37L2We1zwYVlEkdqY/nMmS6H5el8BJN:fHMwm9AHebVKkdrH5eyr
Score

10^/10

persistence upx
- Modifies WinLogon for persistence
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2