57e780bedb10d512f80e5324291077fd413d2206c9fe4f2588a6495bede5f939 | Triage

Sharing

General

Target

cbc31e996c6ea1d72fa5fddc9ee176d5
Size

637KB
Sample

240315-svwccsdh86
MD5

cbc31e996c6ea1d72fa5fddc9ee176d5
SHA1

4d14bd6a2d3244419ed2cc20be80bdbce2615c6a
SHA256

57e780bedb10d512f80e5324291077fd413d2206c9fe4f2588a6495bede5f939
SHA512

6547f71f84616fa44f07672f38cb216449a513d7a6f475589f276c1012c450070f244eee2fc677fe03335fce19f2e0dfdb404f41569156c3dd0ef6ca09bff172
SSDEEP

12288:rrFHeqVPUQaUaVA5rUTN6ftZKih58E4BI4R7Kv+ytwKTM39eKmuhaSEqFZe:rrBe+cQaUprUdM8JBjQv+yaKOetuMbqS

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  cbc31e996c6ea1d72fa5fddc9ee176d5
- Size
  
  637KB
- MD5
  
  cbc31e996c6ea1d72fa5fddc9ee176d5
- SHA1
  
  4d14bd6a2d3244419ed2cc20be80bdbce2615c6a
- SHA256
  
  57e780bedb10d512f80e5324291077fd413d2206c9fe4f2588a6495bede5f939
- SHA512
  
  6547f71f84616fa44f07672f38cb216449a513d7a6f475589f276c1012c450070f244eee2fc677fe03335fce19f2e0dfdb404f41569156c3dd0ef6ca09bff172
- SSDEEP
  
  12288:rrFHeqVPUQaUaVA5rUTN6ftZKih58E4BI4R7Kv+ytwKTM39eKmuhaSEqFZe:rrBe+cQaUprUdM8JBjQv+yaKOetuMbqS
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2