fe268fedbd39b7c3d360ee1cac44e73443a0ff05a2c13b1d59d555bce1e422f5 | Triage

Sharing

General

Target

fe268fedbd39b7c3d360ee1cac44e73443a0ff05a2c13b1d59d555bce1e422f5
Size

201KB
Sample

240429-e16hmaab63
MD5

73c4b9b9daa22f96462504af0680bfd4
SHA1

d7fffa3cedac91e693fbf298e5fa0e9bdc9dbe76
SHA256

fe268fedbd39b7c3d360ee1cac44e73443a0ff05a2c13b1d59d555bce1e422f5
SHA512

aeca74b256fe31f0338534a1718a1fcc7d5158effc7c123d87a980a3faa67e032a6b288ce1815f066278e5c1433be3d8e3dc449c1fb0301b003dfa1500447f33
SSDEEP

6144:vt++Jbojf5Vq5OC4qZhZcKYhc/ZfUozY:U+cff22qZhZcKYhc/

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  fe268fedbd39b7c3d360ee1cac44e73443a0ff05a2c13b1d59d555bce1e422f5
- Size
  
  201KB
- MD5
  
  73c4b9b9daa22f96462504af0680bfd4
- SHA1
  
  d7fffa3cedac91e693fbf298e5fa0e9bdc9dbe76
- SHA256
  
  fe268fedbd39b7c3d360ee1cac44e73443a0ff05a2c13b1d59d555bce1e422f5
- SHA512
  
  aeca74b256fe31f0338534a1718a1fcc7d5158effc7c123d87a980a3faa67e032a6b288ce1815f066278e5c1433be3d8e3dc449c1fb0301b003dfa1500447f33
- SSDEEP
  
  6144:vt++Jbojf5Vq5OC4qZhZcKYhc/ZfUozY:U+cff22qZhZcKYhc/
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2