d61943f2f72fd5cc4c68b8743c9dec8eb98811818824b55fd37d2efceaea4c5d | Triage

Sharing

General

Target

e134d749a960495aa80d681bd3dfd1a0
Size

259KB
Sample

240327-j6rzmsgb59
MD5

e134d749a960495aa80d681bd3dfd1a0
SHA1

858650842bc20ee1da33b442e8f28e11a0a8ddf8
SHA256

d61943f2f72fd5cc4c68b8743c9dec8eb98811818824b55fd37d2efceaea4c5d
SHA512

fe8204ba4ddb23ad81e1c0fcf407dc91c58a23333ae2919f30a45e5c2e77ae92b6ade1664bd8c6412bc1335cba636b0c8fc1c6fe3f12f7fb373c3c489ec13bc8
SSDEEP

6144:oSAqWATnZSdjM6SoqizS0vzyCpMJE1d5L+H328r5h:ohUMdjRLLztpMJAz+X225h

Score

10^/10

persistence upx

Malware Config

Targets

- Target
  
  e134d749a960495aa80d681bd3dfd1a0
- Size
  
  259KB
- MD5
  
  e134d749a960495aa80d681bd3dfd1a0
- SHA1
  
  858650842bc20ee1da33b442e8f28e11a0a8ddf8
- SHA256
  
  d61943f2f72fd5cc4c68b8743c9dec8eb98811818824b55fd37d2efceaea4c5d
- SHA512
  
  fe8204ba4ddb23ad81e1c0fcf407dc91c58a23333ae2919f30a45e5c2e77ae92b6ade1664bd8c6412bc1335cba636b0c8fc1c6fe3f12f7fb373c3c489ec13bc8
- SSDEEP
  
  6144:oSAqWATnZSdjM6SoqizS0vzyCpMJE1d5L+H328r5h:ohUMdjRLLztpMJAz+X225h
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2