5c795f6ae71d4954a8ca19f1e933ce28336cc681460ba8ad8ac7c7705c2054c6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5c795f6ae71d4954a8ca19f1e933ce28336cc681460ba8ad8ac7c7705c2054c6
Size

211KB
Sample

240428-1gc8mahg33
MD5

a85d203f9e6b8a504b1746a1a5d57b4e
SHA1

83d397c691640f4cb42c4706e59a28964e2c1f4d
SHA256

5c795f6ae71d4954a8ca19f1e933ce28336cc681460ba8ad8ac7c7705c2054c6
SHA512

e9458559e7ee90cfba19f9cdff208edeb0ade532428633a23121c9c76809fe1e2a05fbe19c6e0a20292c851d6f7f37e2e05c6631c748040d90a672d0e5af95c2
SSDEEP

6144:nmKVGe1XIpQiU/ma3MB8hH2Tkp6bYnWcZVol0N5TzQ3:X71YpQiU/RcO1VQInVob

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  5c795f6ae71d4954a8ca19f1e933ce28336cc681460ba8ad8ac7c7705c2054c6
- Size
  
  211KB
- MD5
  
  a85d203f9e6b8a504b1746a1a5d57b4e
- SHA1
  
  83d397c691640f4cb42c4706e59a28964e2c1f4d
- SHA256
  
  5c795f6ae71d4954a8ca19f1e933ce28336cc681460ba8ad8ac7c7705c2054c6
- SHA512
  
  e9458559e7ee90cfba19f9cdff208edeb0ade532428633a23121c9c76809fe1e2a05fbe19c6e0a20292c851d6f7f37e2e05c6631c748040d90a672d0e5af95c2
- SSDEEP
  
  6144:nmKVGe1XIpQiU/ma3MB8hH2Tkp6bYnWcZVol0N5TzQ3:X71YpQiU/RcO1VQInVob
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2