19b56ede186fd48bee8a49beeb001e65a07881408136f88912eeb0b5b35fb742 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

19b56ede186fd48bee8a49beeb001e65a07881408136f88912eeb0b5b35fb742
Size

206KB
Sample

240504-zr8a3seb52
MD5

faaad026c687ab81a50855d64cbc965f
SHA1

d9dbd83687907a72a0c07e94950897dedc9f5102
SHA256

19b56ede186fd48bee8a49beeb001e65a07881408136f88912eeb0b5b35fb742
SHA512

d12d5b4ec03f64721ab6da5820a912c72286adb7c681cbe124f4feaaebfeab409b6e58be441d8495b394cfde12e486ca9553a38e981f7c0b63f7f4bdf9d632ac
SSDEEP

6144:o+EqFQ9A9ty5bhJcrs0MurPw/c4hd/B/coyXT3nOGX6T+:o+U9qyFhJy56d/eoyXjn9W+

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  19b56ede186fd48bee8a49beeb001e65a07881408136f88912eeb0b5b35fb742
- Size
  
  206KB
- MD5
  
  faaad026c687ab81a50855d64cbc965f
- SHA1
  
  d9dbd83687907a72a0c07e94950897dedc9f5102
- SHA256
  
  19b56ede186fd48bee8a49beeb001e65a07881408136f88912eeb0b5b35fb742
- SHA512
  
  d12d5b4ec03f64721ab6da5820a912c72286adb7c681cbe124f4feaaebfeab409b6e58be441d8495b394cfde12e486ca9553a38e981f7c0b63f7f4bdf9d632ac
- SSDEEP
  
  6144:o+EqFQ9A9ty5bhJcrs0MurPw/c4hd/B/coyXT3nOGX6T+:o+U9qyFhJy56d/eoyXjn9W+
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2