3914f448c000040be0e401e4f8e29fe90e3295d1625e7cb561d0b80ce926d020 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d3fc9c839f25302541bc3843a424d0a6
Size

88KB
Sample

240318-t2g9radb54
MD5

d3fc9c839f25302541bc3843a424d0a6
SHA1

d4894f4411e996afaffc6a30238a08c7cf33b511
SHA256

3914f448c000040be0e401e4f8e29fe90e3295d1625e7cb561d0b80ce926d020
SHA512

7af3836bb71d73d06a1f52325482311884c6a195cfa8407500f4092660cbdc83cba19c6a1c5916e9bbcae907cab68d0bc9fe3feecca5409aa991b71dd4e238a1
SSDEEP

1536:4aiqH1s+kCtrA2UMT0mTFibDKa1XEamTcMpk2AR7N+Pl+:51B31bdBob2QX6M5yl+

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  d3fc9c839f25302541bc3843a424d0a6
- Size
  
  88KB
- MD5
  
  d3fc9c839f25302541bc3843a424d0a6
- SHA1
  
  d4894f4411e996afaffc6a30238a08c7cf33b511
- SHA256
  
  3914f448c000040be0e401e4f8e29fe90e3295d1625e7cb561d0b80ce926d020
- SHA512
  
  7af3836bb71d73d06a1f52325482311884c6a195cfa8407500f4092660cbdc83cba19c6a1c5916e9bbcae907cab68d0bc9fe3feecca5409aa991b71dd4e238a1
- SSDEEP
  
  1536:4aiqH1s+kCtrA2UMT0mTFibDKa1XEamTcMpk2AR7N+Pl+:51B31bdBob2QX6M5yl+
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2