53f95d374ced8be3217420dd197256d37132f38512bfdd15898faea2a7c85424 | Triage

Sharing

General

Target

53f95d374ced8be3217420dd197256d37132f38512bfdd15898faea2a7c85424
Size

157KB
Sample

240522-1l1vgsab23
MD5

f065a49b98006266d3c011477b78c8d5
SHA1

aec187b78c78a8ca73aa0e169fa1f15b6587c0aa
SHA256

53f95d374ced8be3217420dd197256d37132f38512bfdd15898faea2a7c85424
SHA512

8f6bb966fb2104ea2c59d678a6f83fb5553e335f18232413aec97d6cfbae3fbbc7335aac5f9e3a63bba9c4b7560362f91dca8d48f69014fa9622313dc37a32b0
SSDEEP

3072:YeojyYsAq/C3RCzgJHvNA1PpYfFL6zU+BEfi:7ojjqahUSPe1SZ+h

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  53f95d374ced8be3217420dd197256d37132f38512bfdd15898faea2a7c85424
- Size
  
  157KB
- MD5
  
  f065a49b98006266d3c011477b78c8d5
- SHA1
  
  aec187b78c78a8ca73aa0e169fa1f15b6587c0aa
- SHA256
  
  53f95d374ced8be3217420dd197256d37132f38512bfdd15898faea2a7c85424
- SHA512
  
  8f6bb966fb2104ea2c59d678a6f83fb5553e335f18232413aec97d6cfbae3fbbc7335aac5f9e3a63bba9c4b7560362f91dca8d48f69014fa9622313dc37a32b0
- SSDEEP
  
  3072:YeojyYsAq/C3RCzgJHvNA1PpYfFL6zU+BEfi:7ojjqahUSPe1SZ+h
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2