a484b9176fd8e829c2cc1431b58104a0ebf30689fd711a2668cef79190c9fe2f | Triage

Sharing

General

Target

c83b3b4c5f291166d4cde0a99544fa3b
Size

110KB
Sample

240314-k2hqvafh6s
MD5

c83b3b4c5f291166d4cde0a99544fa3b
SHA1

4152b20fac52ecbbe6c833d1cee0b1b16fde55b6
SHA256

a484b9176fd8e829c2cc1431b58104a0ebf30689fd711a2668cef79190c9fe2f
SHA512

94ed80d44c7e3babfce4360fd617aa7406a854375d2040e36691240709785185dd59270d8aef57010db8e4cbc6511c0fd2c86064bef6127a03293dc61d3a8d09
SSDEEP

3072:v1DN/FdTN43femJOBvNgH2T723dztZzv6vQElv:zF7+2mABvNgkitztZjm

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  c83b3b4c5f291166d4cde0a99544fa3b
- Size
  
  110KB
- MD5
  
  c83b3b4c5f291166d4cde0a99544fa3b
- SHA1
  
  4152b20fac52ecbbe6c833d1cee0b1b16fde55b6
- SHA256
  
  a484b9176fd8e829c2cc1431b58104a0ebf30689fd711a2668cef79190c9fe2f
- SHA512
  
  94ed80d44c7e3babfce4360fd617aa7406a854375d2040e36691240709785185dd59270d8aef57010db8e4cbc6511c0fd2c86064bef6127a03293dc61d3a8d09
- SSDEEP
  
  3072:v1DN/FdTN43femJOBvNgH2T723dztZzv6vQElv:zF7+2mABvNgkitztZjm
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2