41f065f90f5a7a3478ebcdaf9827e3f876dc3bce4e3997efcbbeac5abc276ebb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf9cac7945231ff85e76ddf682c082ce
Size

296KB
Sample

240311-c1h18aac65
MD5

bf9cac7945231ff85e76ddf682c082ce
SHA1

6311609694b7762f83e8fd62380039917fe84a5c
SHA256

41f065f90f5a7a3478ebcdaf9827e3f876dc3bce4e3997efcbbeac5abc276ebb
SHA512

39529b75dd10ccd2df7a451f112629ef45d48647dbeccf1c263189518d57ea66d5322cda9865bdad4538dd08c790257257f5e5859c63262878d3d03fc2fe13a5
SSDEEP

6144:/PK1aPchfi7Dw0LS9mlz92v359+7hkICF7EtXXM+bNRcepnFGsvg0:/QaUK71cg92f547LCF4XXM+JRcKF5g0

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  bf9cac7945231ff85e76ddf682c082ce
- Size
  
  296KB
- MD5
  
  bf9cac7945231ff85e76ddf682c082ce
- SHA1
  
  6311609694b7762f83e8fd62380039917fe84a5c
- SHA256
  
  41f065f90f5a7a3478ebcdaf9827e3f876dc3bce4e3997efcbbeac5abc276ebb
- SHA512
  
  39529b75dd10ccd2df7a451f112629ef45d48647dbeccf1c263189518d57ea66d5322cda9865bdad4538dd08c790257257f5e5859c63262878d3d03fc2fe13a5
- SSDEEP
  
  6144:/PK1aPchfi7Dw0LS9mlz92v359+7hkICF7EtXXM+bNRcepnFGsvg0:/QaUK71cg92f547LCF4XXM+JRcKF5g0
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2