Overview

overview

10

Static

static

3

9e3abe1e97...a2.exe

windows7-x64

10

9e3abe1e97...a2.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9e3abe1e978219dd4626dbf41f691a29eff7f0aa995eca5b245fbd9d06fe0ba2

  • Size

    68KB

  • Sample

    240523-bfm9rsfg6y

  • MD5

    f894a0a88d75702aa9245b24d888547b

  • SHA1

    8a186759207be99df3ebd8f778d10ad4770c901a

  • SHA256

    9e3abe1e978219dd4626dbf41f691a29eff7f0aa995eca5b245fbd9d06fe0ba2

  • SHA512

    b18764282ee1a9a4219b158bdb983e47379da3532d6eda03de6d264851336cd721a8908b94527b0091f6f5a0ffa6eb1e613ad2207b8172373acbc363fe7df525

  • SSDEEP

    1536:dB8GgPtAELj0OK6QYKKpsTwbRXNRu1q9xzGC1tj:dB8GgP56KcowqyC

Score
10/10
persistence

Malware Config

Targets

    • Target

      9e3abe1e978219dd4626dbf41f691a29eff7f0aa995eca5b245fbd9d06fe0ba2

    • Size

      68KB

    • MD5

      f894a0a88d75702aa9245b24d888547b

    • SHA1

      8a186759207be99df3ebd8f778d10ad4770c901a

    • SHA256

      9e3abe1e978219dd4626dbf41f691a29eff7f0aa995eca5b245fbd9d06fe0ba2

    • SHA512

      b18764282ee1a9a4219b158bdb983e47379da3532d6eda03de6d264851336cd721a8908b94527b0091f6f5a0ffa6eb1e613ad2207b8172373acbc363fe7df525

    • SSDEEP

      1536:dB8GgPtAELj0OK6QYKKpsTwbRXNRu1q9xzGC1tj:dB8GgP56KcowqyC

    Score
    10/10
    persistence

    • Modifies WinLogon for persistence

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Winlogon Helper DLL

1
T1547.004

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Winlogon Helper DLL

1
T1547.004

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks