3677070874e81e997c23f5a5a6279d60ef0e73617f9a2fdf4622c06f1958ee02 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3677070874e81e997c23f5a5a6279d60ef0e73617f9a2fdf4622c06f1958ee02.exe
Size

4.7MB
Sample

240424-bnmm7sde5y
MD5

0339f68638bc40495d8b049bc8def331
SHA1

bacce3177bee1879b70f494670c2ea353135ccc8
SHA256

3677070874e81e997c23f5a5a6279d60ef0e73617f9a2fdf4622c06f1958ee02
SHA512

b833a8523a5f858e51ba5c7702923c2f3be7c6c295d01021f18d4569c8d28cfe0506cf0a53de4d7958cb2d089ee9167bd6af7dfe1a8e0cddd2435e2d877cbb03
SSDEEP

98304:dlTZzTMTCIkXpfL8fmSONR2VibjsQ+F9A0nF+WlNbYTGL:rZHaCIkZfL8fmSQsVsQJjFFUTGL

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  3677070874e81e997c23f5a5a6279d60ef0e73617f9a2fdf4622c06f1958ee02.exe
- Size
  
  4.7MB
- MD5
  
  0339f68638bc40495d8b049bc8def331
- SHA1
  
  bacce3177bee1879b70f494670c2ea353135ccc8
- SHA256
  
  3677070874e81e997c23f5a5a6279d60ef0e73617f9a2fdf4622c06f1958ee02
- SHA512
  
  b833a8523a5f858e51ba5c7702923c2f3be7c6c295d01021f18d4569c8d28cfe0506cf0a53de4d7958cb2d089ee9167bd6af7dfe1a8e0cddd2435e2d877cbb03
- SSDEEP
  
  98304:dlTZzTMTCIkXpfL8fmSONR2VibjsQ+F9A0nF+WlNbYTGL:rZHaCIkZfL8fmSQsVsQJjFFUTGL
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2