6ea11665c757552aa848e8b2858823962bc98ea7e196e8b393355021c87f60bd | Triage

Sharing

General

Target

6ea11665c757552aa848e8b2858823962bc98ea7e196e8b393355021c87f60bd
Size

390KB
Sample

240416-3f973sfe48
MD5

445d1d2683ebbd04e4e537251dc37cbc
SHA1

d01c7bf821ee6d8ac071eff8380dc1cfd980a7bf
SHA256

6ea11665c757552aa848e8b2858823962bc98ea7e196e8b393355021c87f60bd
SHA512

b06b99e133944701f418a7d7281d6b61a41c285343694d0a0fb316132a5a500ebe8a59b57f7d52b790f4a2a3751df1c76adcf622ef5b5451f6f393a7a6df2416
SSDEEP

6144:oA6e1x61iBa0ZBJed/0jURl+LDI7xqzM0vIrMgi7NhrWAU7/feMwdOc3NUDc3WX:ew61ybe90jqlQ4rMvYHzfJw+Dc3WX

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  6ea11665c757552aa848e8b2858823962bc98ea7e196e8b393355021c87f60bd
- Size
  
  390KB
- MD5
  
  445d1d2683ebbd04e4e537251dc37cbc
- SHA1
  
  d01c7bf821ee6d8ac071eff8380dc1cfd980a7bf
- SHA256
  
  6ea11665c757552aa848e8b2858823962bc98ea7e196e8b393355021c87f60bd
- SHA512
  
  b06b99e133944701f418a7d7281d6b61a41c285343694d0a0fb316132a5a500ebe8a59b57f7d52b790f4a2a3751df1c76adcf622ef5b5451f6f393a7a6df2416
- SSDEEP
  
  6144:oA6e1x61iBa0ZBJed/0jURl+LDI7xqzM0vIrMgi7NhrWAU7/feMwdOc3NUDc3WX:ew61ybe90jqlQ4rMvYHzfJw+Dc3WX
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2