9a81134b3c673ae7acec80878e046efd88a5fd616a9409e40954d9a265cd7761 | Triage

Sharing

General

Target

c9c94e7de16ae088cc9bece32c264812
Size

171KB
Sample

240314-2f92msbb95
MD5

c9c94e7de16ae088cc9bece32c264812
SHA1

a05982bf41654726e8db9a910b6fb4a8aba4fa81
SHA256

9a81134b3c673ae7acec80878e046efd88a5fd616a9409e40954d9a265cd7761
SHA512

0405116b797e2e43f8407aca721981f422175480be2c60758d406569372a25adf37ad9f577af748e6c906d3340fdcbe7e2561040c0aa88c77d579ac48da9f364
SSDEEP

3072:dcH4QQKq6uewjct8lYpiYWbSsuQhaP4FGWNG3kUD7hJzIyjLhn3WLf5HGmC:+hQN6ujXYppWbSNQcP4FGkir5JzIShnR

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  c9c94e7de16ae088cc9bece32c264812
- Size
  
  171KB
- MD5
  
  c9c94e7de16ae088cc9bece32c264812
- SHA1
  
  a05982bf41654726e8db9a910b6fb4a8aba4fa81
- SHA256
  
  9a81134b3c673ae7acec80878e046efd88a5fd616a9409e40954d9a265cd7761
- SHA512
  
  0405116b797e2e43f8407aca721981f422175480be2c60758d406569372a25adf37ad9f577af748e6c906d3340fdcbe7e2561040c0aa88c77d579ac48da9f364
- SSDEEP
  
  3072:dcH4QQKq6uewjct8lYpiYWbSsuQhaP4FGWNG3kUD7hJzIyjLhn3WLf5HGmC:+hQN6ujXYppWbSNQcP4FGkir5JzIShnR
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Deletes itself
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2