4456f25ea945322b4f505c4b233c3f0ad22ca90293f89863955fdf40a1478d38 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc7f3a806d6528a57c95598aedd2c1fa
Size

51KB
Sample

240309-w3nh9sfc7s
MD5

bc7f3a806d6528a57c95598aedd2c1fa
SHA1

af64dd247e8dba6190fe433c84d1a796600ef9be
SHA256

4456f25ea945322b4f505c4b233c3f0ad22ca90293f89863955fdf40a1478d38
SHA512

9aa35d702bdedf9e695cba8d7058b0277a0b3115150b66b1ad75203e787ee868294e607219805604d1069f8a92ccbac50f6b4117c51dab628c7bafa8ee72a09a
SSDEEP

768:cZWmCGcHO/VXjG3PCLlJRKzPYWTYZRATwed3ee8Y/UartQNSvGueDdYPKYKrDAMb:iWmCGcuBG3gST/TwMTFUhHUKAM+AYE

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  bc7f3a806d6528a57c95598aedd2c1fa
- Size
  
  51KB
- MD5
  
  bc7f3a806d6528a57c95598aedd2c1fa
- SHA1
  
  af64dd247e8dba6190fe433c84d1a796600ef9be
- SHA256
  
  4456f25ea945322b4f505c4b233c3f0ad22ca90293f89863955fdf40a1478d38
- SHA512
  
  9aa35d702bdedf9e695cba8d7058b0277a0b3115150b66b1ad75203e787ee868294e607219805604d1069f8a92ccbac50f6b4117c51dab628c7bafa8ee72a09a
- SSDEEP
  
  768:cZWmCGcHO/VXjG3PCLlJRKzPYWTYZRATwed3ee8Y/UartQNSvGueDdYPKYKrDAMb:iWmCGcuBG3gST/TwMTFUhHUKAM+AYE
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2