31ce272643fda83601e32fbdcc8efaba3316f3034c7e3e2c985f7c54745fe7ea | Triage

Sharing

General

Target

31ce272643fda83601e32fbdcc8efaba3316f3034c7e3e2c985f7c54745fe7ea
Size

462KB
Sample

240315-xfm5nagb4t
MD5

be0b4724083c53f7faeca44b6f6f3522
SHA1

95940680c71d8ad0e1d978e02aefa1a2b8565937
SHA256

31ce272643fda83601e32fbdcc8efaba3316f3034c7e3e2c985f7c54745fe7ea
SHA512

ce8d8851a50ca270238a8d46c8d13e6d1e01deb677d0b68fe07fd723c68f7d1302ad6776c135541f78968c606d51bdf1bb4fcca3d5ba02e481e400c43dbd33ad
SSDEEP

12288:gmWhND9yJz+b1FcMLmp2ATTSsdiDY4hIq0rBW90N:gmUNJyJqb1FcMap2ATT5gDY4hIq09W9O

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  31ce272643fda83601e32fbdcc8efaba3316f3034c7e3e2c985f7c54745fe7ea
- Size
  
  462KB
- MD5
  
  be0b4724083c53f7faeca44b6f6f3522
- SHA1
  
  95940680c71d8ad0e1d978e02aefa1a2b8565937
- SHA256
  
  31ce272643fda83601e32fbdcc8efaba3316f3034c7e3e2c985f7c54745fe7ea
- SHA512
  
  ce8d8851a50ca270238a8d46c8d13e6d1e01deb677d0b68fe07fd723c68f7d1302ad6776c135541f78968c606d51bdf1bb4fcca3d5ba02e481e400c43dbd33ad
- SSDEEP
  
  12288:gmWhND9yJz+b1FcMLmp2ATTSsdiDY4hIq0rBW90N:gmUNJyJqb1FcMap2ATT5gDY4hIq09W9O
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2