11acdb47d70f2fc9b8fd1fa59f6366f34a90682534e398eae97b39167ac20424 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab39efb3db5611b3d5da6fcbf21684a2
Size

349KB
Sample

240228-g9q6eadd2x
MD5

ab39efb3db5611b3d5da6fcbf21684a2
SHA1

5e98be60ccb1cc54dabbb134b3d7e8002a6f50a1
SHA256

11acdb47d70f2fc9b8fd1fa59f6366f34a90682534e398eae97b39167ac20424
SHA512

99c079c7e55ae68d7482868c5b7b990ad31800075e33009d18cf77d3cc299d982bda42bd0352bce40bc65d6404403c0c59d215d92797be4e2bd831756fb9442e
SSDEEP

6144:MHcibmZ9h9v1szp5VvfM//fWCvxKD7l1KeDugvIWY0xQVvZ:+ciaZxvAvfMbxKDiekzR

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  ab39efb3db5611b3d5da6fcbf21684a2
- Size
  
  349KB
- MD5
  
  ab39efb3db5611b3d5da6fcbf21684a2
- SHA1
  
  5e98be60ccb1cc54dabbb134b3d7e8002a6f50a1
- SHA256
  
  11acdb47d70f2fc9b8fd1fa59f6366f34a90682534e398eae97b39167ac20424
- SHA512
  
  99c079c7e55ae68d7482868c5b7b990ad31800075e33009d18cf77d3cc299d982bda42bd0352bce40bc65d6404403c0c59d215d92797be4e2bd831756fb9442e
- SSDEEP
  
  6144:MHcibmZ9h9v1szp5VvfM//fWCvxKD7l1KeDugvIWY0xQVvZ:+ciaZxvAvfMbxKDiekzR
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2