20bf75ec79b517943833f117a12421ff8b31cd4dd1c818f463bb35f0e1753c12 | Triage

Sharing

General

Target

20bf75ec79b517943833f117a12421ff8b31cd4dd1c818f463bb35f0e1753c12
Size

204KB
Sample

240430-yj1etseg5v
MD5

75f8ce733b4af79554b4b84c643980ad
SHA1

4531f769404ed38bdf19195a1354e4a0ac8b4064
SHA256

20bf75ec79b517943833f117a12421ff8b31cd4dd1c818f463bb35f0e1753c12
SHA512

b35e4ab5a9d48fb71c8e66d225b4613c4ed0dddf765f6884faeefea03412a1b0ae65c0dfb16cbd247371a182100b2e1f9dffbbfd7b70b06ecc91f20a41cc326d
SSDEEP

3072:UdGaTPrrIGvvyy8dHSi+OcGMrOpOVKdOyMbkrWRdg+E2uEPczTinJhV+p9GEVFU/:OGazIc6TVBMrOpzeJEsuirSGEMpgE

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  20bf75ec79b517943833f117a12421ff8b31cd4dd1c818f463bb35f0e1753c12
- Size
  
  204KB
- MD5
  
  75f8ce733b4af79554b4b84c643980ad
- SHA1
  
  4531f769404ed38bdf19195a1354e4a0ac8b4064
- SHA256
  
  20bf75ec79b517943833f117a12421ff8b31cd4dd1c818f463bb35f0e1753c12
- SHA512
  
  b35e4ab5a9d48fb71c8e66d225b4613c4ed0dddf765f6884faeefea03412a1b0ae65c0dfb16cbd247371a182100b2e1f9dffbbfd7b70b06ecc91f20a41cc326d
- SSDEEP
  
  3072:UdGaTPrrIGvvyy8dHSi+OcGMrOpOVKdOyMbkrWRdg+E2uEPczTinJhV+p9GEVFU/:OGazIc6TVBMrOpzeJEsuirSGEMpgE
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2