8ba2dd78050386b227deb81f43b0b2b16eef33605937ff8ed6be08004fa5f7ca | Triage

Sharing

General

Target

8ba2dd78050386b227deb81f43b0b2b16eef33605937ff8ed6be08004fa5f7ca
Size

431KB
Sample

240319-jtkd2aeh9s
MD5

9d0470ba47f6d3f61072317f6904d434
SHA1

aac8a0e4bbb48c34e02587f68c7e447d40d8052f
SHA256

8ba2dd78050386b227deb81f43b0b2b16eef33605937ff8ed6be08004fa5f7ca
SHA512

091cb8c16805d2c47960baa1c3a8ac599cdec7333b0022f139a101ca6edde96ceafef8e85155d17eb9c13fd632998a58c055f576f342d701432fe95bd5cb9617
SSDEEP

6144:A3MbvBaO9o7nduQyxg3XdECeSf3pAvTd5GPtRQrY1STCJxLhsLpoq5ynENQpjBei:OMbz9obd8uXxGLd3rYo2Jdhs/qVpjBei

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  8ba2dd78050386b227deb81f43b0b2b16eef33605937ff8ed6be08004fa5f7ca
- Size
  
  431KB
- MD5
  
  9d0470ba47f6d3f61072317f6904d434
- SHA1
  
  aac8a0e4bbb48c34e02587f68c7e447d40d8052f
- SHA256
  
  8ba2dd78050386b227deb81f43b0b2b16eef33605937ff8ed6be08004fa5f7ca
- SHA512
  
  091cb8c16805d2c47960baa1c3a8ac599cdec7333b0022f139a101ca6edde96ceafef8e85155d17eb9c13fd632998a58c055f576f342d701432fe95bd5cb9617
- SSDEEP
  
  6144:A3MbvBaO9o7nduQyxg3XdECeSf3pAvTd5GPtRQrY1STCJxLhsLpoq5ynENQpjBei:OMbz9obd8uXxGLd3rYo2Jdhs/qVpjBei
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2