ba35a2e10c6f8743fae39f1565a857a5970df2d178a0909c7aca78a195104b02 | Triage

Sharing

General

Target

ba35a2e10c6f8743fae39f1565a857a5970df2d178a0909c7aca78a195104b02
Size

205KB
Sample

240523-ctjdeaaf28
MD5

58a0cff675a2557fef2a35bae0f50820
SHA1

8cd44a53cefe634fd2abd803526feace6145f831
SHA256

ba35a2e10c6f8743fae39f1565a857a5970df2d178a0909c7aca78a195104b02
SHA512

16c1c18472d30c666d4b63166d765a24d32513f8211bbfea3ff8a34503b8e8b9fcfec8238ea84496bc0e769aa53010012724184344f7bca038b7eceb818fdbb8
SSDEEP

3072:y7VD4DUHnNZkfOP6sfIOpJ9C3hPlGxt1UhRkgyankTIzfwAYzWcXCyqT36zhRRKy:ozHnMLm5GNGxHUhtnkdpHqTKzhh8i

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  ba35a2e10c6f8743fae39f1565a857a5970df2d178a0909c7aca78a195104b02
- Size
  
  205KB
- MD5
  
  58a0cff675a2557fef2a35bae0f50820
- SHA1
  
  8cd44a53cefe634fd2abd803526feace6145f831
- SHA256
  
  ba35a2e10c6f8743fae39f1565a857a5970df2d178a0909c7aca78a195104b02
- SHA512
  
  16c1c18472d30c666d4b63166d765a24d32513f8211bbfea3ff8a34503b8e8b9fcfec8238ea84496bc0e769aa53010012724184344f7bca038b7eceb818fdbb8
- SSDEEP
  
  3072:y7VD4DUHnNZkfOP6sfIOpJ9C3hPlGxt1UhRkgyankTIzfwAYzWcXCyqT36zhRRKy:ozHnMLm5GNGxHUhtnkdpHqTKzhh8i
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2