047ee3769abee85f3ee86915a630a9399141ebb2d96b4b5376e5723e9a072bdc | Triage

Sharing

General

Target

047ee3769abee85f3ee86915a630a9399141ebb2d96b4b5376e5723e9a072bdc
Size

345KB
Sample

240523-wvt13sbe21
MD5

98589e0429e581d86299dd5a33f0dd56
SHA1

c7d1f59b077092aad434540a958c9b4586a6c063
SHA256

047ee3769abee85f3ee86915a630a9399141ebb2d96b4b5376e5723e9a072bdc
SHA512

5d1bdd28b6fadc8c5bff9c0c67b064c91653edf486d8cc1c6c28a387b0e5f4013ad91766c61b24065ebd4570a8834c41ad1a6ae4702ccf7a63ebc33f7ac37425
SSDEEP

6144:zYCmWoza0a1IMVVEb3uqRpwIUV9lMYmFQqZRRphLuVucfb8ehbjN8wS21bKRTw4W:bmWQa0a1IMVr9eMqbRzLuVucfb8ehbjX

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  047ee3769abee85f3ee86915a630a9399141ebb2d96b4b5376e5723e9a072bdc
- Size
  
  345KB
- MD5
  
  98589e0429e581d86299dd5a33f0dd56
- SHA1
  
  c7d1f59b077092aad434540a958c9b4586a6c063
- SHA256
  
  047ee3769abee85f3ee86915a630a9399141ebb2d96b4b5376e5723e9a072bdc
- SHA512
  
  5d1bdd28b6fadc8c5bff9c0c67b064c91653edf486d8cc1c6c28a387b0e5f4013ad91766c61b24065ebd4570a8834c41ad1a6ae4702ccf7a63ebc33f7ac37425
- SSDEEP
  
  6144:zYCmWoza0a1IMVVEb3uqRpwIUV9lMYmFQqZRRphLuVucfb8ehbjN8wS21bKRTw4W:bmWQa0a1IMVr9eMqbRzLuVucfb8ehbjX
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2