094430f6931a633b015d1a857c97d04de9feb7a329be2dd32c2911216f1e9e5c | Triage

Sharing

General

Target

92d4373aafc1c3cd2765f63bea20d1c0_NEAS
Size

355KB
Sample

240507-qbl88sbe38
MD5

92d4373aafc1c3cd2765f63bea20d1c0
SHA1

6b62141617453ed13eeabe4e3cb49ab5d939392e
SHA256

094430f6931a633b015d1a857c97d04de9feb7a329be2dd32c2911216f1e9e5c
SHA512

2da8c0bf0807a0c2a9063c7d47c4ed3626d35fc3ff6a8b7a94082e0947b00c6f91b15e2c56df85bc2bc6ff4ae6cd1c71e8e0439209caf122dbfd1eb65e325513
SSDEEP

6144:n3EmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9EiS:0mWhND9yJz+b1FcMLmp2ATTSsdS

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  92d4373aafc1c3cd2765f63bea20d1c0_NEAS
- Size
  
  355KB
- MD5
  
  92d4373aafc1c3cd2765f63bea20d1c0
- SHA1
  
  6b62141617453ed13eeabe4e3cb49ab5d939392e
- SHA256
  
  094430f6931a633b015d1a857c97d04de9feb7a329be2dd32c2911216f1e9e5c
- SHA512
  
  2da8c0bf0807a0c2a9063c7d47c4ed3626d35fc3ff6a8b7a94082e0947b00c6f91b15e2c56df85bc2bc6ff4ae6cd1c71e8e0439209caf122dbfd1eb65e325513
- SSDEEP
  
  6144:n3EmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9EiS:0mWhND9yJz+b1FcMLmp2ATTSsdS
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2