edd6f4179a78718de75a0b53cdaf870dbde7afea7ea4fa5d8de6550a9cf1e333 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d575356c8c0a890afc7fb952b8064be6
Size

43KB
Sample

240319-hglkwsdd8w
MD5

d575356c8c0a890afc7fb952b8064be6
SHA1

eaec091e7c58c9a66cd3fa1b6bc9019b19fd1463
SHA256

edd6f4179a78718de75a0b53cdaf870dbde7afea7ea4fa5d8de6550a9cf1e333
SHA512

bb5eb15092243a960b2a1dee71dbeebb24bbd7e4d842b8dc0674b40d0086d356bb049fa19187411d872ef5d8379797168ff445201fb06f0af04782ec8d59293d
SSDEEP

768:d//k9sUrmyokzZSaG5nkODiTIeELm2NBgnZAkECznvylCI+crX6:d09JokzCnziyLm9ZvECLkCIf6

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  d575356c8c0a890afc7fb952b8064be6
- Size
  
  43KB
- MD5
  
  d575356c8c0a890afc7fb952b8064be6
- SHA1
  
  eaec091e7c58c9a66cd3fa1b6bc9019b19fd1463
- SHA256
  
  edd6f4179a78718de75a0b53cdaf870dbde7afea7ea4fa5d8de6550a9cf1e333
- SHA512
  
  bb5eb15092243a960b2a1dee71dbeebb24bbd7e4d842b8dc0674b40d0086d356bb049fa19187411d872ef5d8379797168ff445201fb06f0af04782ec8d59293d
- SSDEEP
  
  768:d//k9sUrmyokzZSaG5nkODiTIeELm2NBgnZAkECznvylCI+crX6:d09JokzCnziyLm9ZvECLkCIf6
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2