acd0572a7df0ede556a4037253cb272eb735ca395e07197110517a766993f595 | Triage

Sharing

General

Target

Client.exe
Size

425KB
Sample

240502-r7s74adc69
MD5

e1ec0c054d516d6b7f17af804cc78f79
SHA1

b92e1f75b725377bc8dd17ec8751c315a404651d
SHA256

acd0572a7df0ede556a4037253cb272eb735ca395e07197110517a766993f595
SHA512

8bf68b1ecff46128c63b41b51d11de88c372db29d07b6e8fb3054c408fc70f7f4a2253aef72a6d5ad9816300143d9dcad182b3de02fc3394be0b97b00858dd23
SSDEEP

6144:i5V1329/dR522IUe9OjDove6VlWT8b9Z4Hq9VivdhscS6bkOno:i5H822Pe9/vPVle8g6sUBqo

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  Client.exe
- Size
  
  425KB
- MD5
  
  e1ec0c054d516d6b7f17af804cc78f79
- SHA1
  
  b92e1f75b725377bc8dd17ec8751c315a404651d
- SHA256
  
  acd0572a7df0ede556a4037253cb272eb735ca395e07197110517a766993f595
- SHA512
  
  8bf68b1ecff46128c63b41b51d11de88c372db29d07b6e8fb3054c408fc70f7f4a2253aef72a6d5ad9816300143d9dcad182b3de02fc3394be0b97b00858dd23
- SSDEEP
  
  6144:i5V1329/dR522IUe9OjDove6VlWT8b9Z4Hq9VivdhscS6bkOno:i5H822Pe9/vPVle8g6sUBqo
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Modifies AppInit DLL entries
  persistence
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Scheduled Task/Job

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1