b9235183f77275fb61df3ad8d56a288afa7ca5e09e64a5798b902a0ddc572386 | Triage

Sharing

General

Target

b9235183f77275fb61df3ad8d56a288afa7ca5e09e64a5798b902a0ddc572386
Size

80KB
Sample

240523-cr2rzaac51
MD5

5a472833d899fb41f0ad4a8eceb4f935
SHA1

ad18e37177cc449885609d667f83ff60318e4893
SHA256

b9235183f77275fb61df3ad8d56a288afa7ca5e09e64a5798b902a0ddc572386
SHA512

307cb9b3a78a34142fbfd692ec1f89ed688a823017f58508d41dd15f569fb7077caa101a0d3cee76cf88c91187f1023af0495059af0506824e3835728c10a4e1
SSDEEP

1536:BBn+F+/pvyvJKe5zzN1Kt1RkSs1UfycBjAYn1fpghy:BB+U/pvyvJjtKeXea610

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  b9235183f77275fb61df3ad8d56a288afa7ca5e09e64a5798b902a0ddc572386
- Size
  
  80KB
- MD5
  
  5a472833d899fb41f0ad4a8eceb4f935
- SHA1
  
  ad18e37177cc449885609d667f83ff60318e4893
- SHA256
  
  b9235183f77275fb61df3ad8d56a288afa7ca5e09e64a5798b902a0ddc572386
- SHA512
  
  307cb9b3a78a34142fbfd692ec1f89ed688a823017f58508d41dd15f569fb7077caa101a0d3cee76cf88c91187f1023af0495059af0506824e3835728c10a4e1
- SSDEEP
  
  1536:BBn+F+/pvyvJKe5zzN1Kt1RkSs1UfycBjAYn1fpghy:BB+U/pvyvJjtKeXea610
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2