4f25521315223fe8def008cedb40073f18f21608d6bb41739d30988eefff4cf9 | Triage

Sharing

General

Target

4f25521315223fe8def008cedb40073f18f21608d6bb41739d30988eefff4cf9
Size

212KB
Sample

240502-1mappaff9t
MD5

5e556d0847905125d4c474d153c5ee37
SHA1

272b80004a631d63854404ef47e57f9fbd307e70
SHA256

4f25521315223fe8def008cedb40073f18f21608d6bb41739d30988eefff4cf9
SHA512

f2a2aca022ecf559566464ca0c20257a99f0ea5f56dd84b7ce610cae436ea4d9af1fc451753d4aa876d260b7b0ab131dbf03c2cab1c3885f5f3da5d8b44b6da5
SSDEEP

6144:zxNqLW6opBZMU/y/JEGjg+op2BSNCCr7/jU:tA6NBT/yEGjWwa7vU

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  4f25521315223fe8def008cedb40073f18f21608d6bb41739d30988eefff4cf9
- Size
  
  212KB
- MD5
  
  5e556d0847905125d4c474d153c5ee37
- SHA1
  
  272b80004a631d63854404ef47e57f9fbd307e70
- SHA256
  
  4f25521315223fe8def008cedb40073f18f21608d6bb41739d30988eefff4cf9
- SHA512
  
  f2a2aca022ecf559566464ca0c20257a99f0ea5f56dd84b7ce610cae436ea4d9af1fc451753d4aa876d260b7b0ab131dbf03c2cab1c3885f5f3da5d8b44b6da5
- SSDEEP
  
  6144:zxNqLW6opBZMU/y/JEGjg+op2BSNCCr7/jU:tA6NBT/yEGjWwa7vU
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2