e3aaf570c1cd1cb809d7cce76bcbe60468c17be0d73eea8394d1436c6f7ca07d | Triage

Sharing

General

Target

c2fcbf70696315646a34d27ce9906d55
Size

80KB
Sample

240312-k4msksfb64
MD5

c2fcbf70696315646a34d27ce9906d55
SHA1

feed301fe84a4b87aa94218d25cfcf33d268db9c
SHA256

e3aaf570c1cd1cb809d7cce76bcbe60468c17be0d73eea8394d1436c6f7ca07d
SHA512

351e6d082fb5141c06ee97e9f6916d302541b5c38c81e64c2719854b4c55602abcd52783da8a6302abbc26d2b2e3030b3d7851187ab7b167add753a9dbd88653
SSDEEP

1536:Jdkf22gypebgdFwgXfu+xW2zRk5If4aRhdsRRkF:nkepys/+xW2zRk5IwajKkF

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  c2fcbf70696315646a34d27ce9906d55
- Size
  
  80KB
- MD5
  
  c2fcbf70696315646a34d27ce9906d55
- SHA1
  
  feed301fe84a4b87aa94218d25cfcf33d268db9c
- SHA256
  
  e3aaf570c1cd1cb809d7cce76bcbe60468c17be0d73eea8394d1436c6f7ca07d
- SHA512
  
  351e6d082fb5141c06ee97e9f6916d302541b5c38c81e64c2719854b4c55602abcd52783da8a6302abbc26d2b2e3030b3d7851187ab7b167add753a9dbd88653
- SSDEEP
  
  1536:Jdkf22gypebgdFwgXfu+xW2zRk5If4aRhdsRRkF:nkepys/+xW2zRk5IwajKkF
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2