e74f1ca5e55b2064e9226934d0096fd9b00402d87f7268720c9b8c1d358c619f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e2133067d63728c1387f53adf10c8c4c
Size

133KB
Sample

240327-tlzh4aff67
MD5

e2133067d63728c1387f53adf10c8c4c
SHA1

fd741da92532055361e5f6190c997e25d9d5f910
SHA256

e74f1ca5e55b2064e9226934d0096fd9b00402d87f7268720c9b8c1d358c619f
SHA512

cc076e89c69a6788f54c40008e28117ddd95f7ca45c8b056a7052ec310b2b8b9f1534bfa166450d939997f71ac928568f0072c07c003f478ca0db4c24f490cbd
SSDEEP

3072:2SmruNj1NnZfkTqNpivt8t5X2JyhBTAtyn89MTEYCrNy5:3mr0XVkTqatC5XVBstt9xrNS

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  e2133067d63728c1387f53adf10c8c4c
- Size
  
  133KB
- MD5
  
  e2133067d63728c1387f53adf10c8c4c
- SHA1
  
  fd741da92532055361e5f6190c997e25d9d5f910
- SHA256
  
  e74f1ca5e55b2064e9226934d0096fd9b00402d87f7268720c9b8c1d358c619f
- SHA512
  
  cc076e89c69a6788f54c40008e28117ddd95f7ca45c8b056a7052ec310b2b8b9f1534bfa166450d939997f71ac928568f0072c07c003f478ca0db4c24f490cbd
- SSDEEP
  
  3072:2SmruNj1NnZfkTqNpivt8t5X2JyhBTAtyn89MTEYCrNy5:3mr0XVkTqatC5XVBstt9xrNS
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2