17c32ce142873391c8a97127926af2d46f68013d4645ee681dbbf2ccfe2a0093 | Triage

Sharing

General

Target

17c32ce142873391c8a97127926af2d46f68013d4645ee681dbbf2ccfe2a0093
Size

211KB
Sample

240524-xsrcvaga76
MD5

4bac063010f7d1fd0533da5140835b67
SHA1

17a4a802dc09b433740fe43f4c3c3f5b5b6e7a91
SHA256

17c32ce142873391c8a97127926af2d46f68013d4645ee681dbbf2ccfe2a0093
SHA512

9808378dbf5939e88d6ea1601d49385c48aa8ef4f1a55f267f3c0989e007c2d71adfa953965e06b4fbd39da6d32fd6dbd893f27403a5712a12b508f4408d18cf
SSDEEP

6144:KmKVGe1XIpQiU/ma3MB8hH2Tkp6bYnWcZVol0N5TzQ3:M71YpQiU/RcO1VQInVob

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  17c32ce142873391c8a97127926af2d46f68013d4645ee681dbbf2ccfe2a0093
- Size
  
  211KB
- MD5
  
  4bac063010f7d1fd0533da5140835b67
- SHA1
  
  17a4a802dc09b433740fe43f4c3c3f5b5b6e7a91
- SHA256
  
  17c32ce142873391c8a97127926af2d46f68013d4645ee681dbbf2ccfe2a0093
- SHA512
  
  9808378dbf5939e88d6ea1601d49385c48aa8ef4f1a55f267f3c0989e007c2d71adfa953965e06b4fbd39da6d32fd6dbd893f27403a5712a12b508f4408d18cf
- SSDEEP
  
  6144:KmKVGe1XIpQiU/ma3MB8hH2Tkp6bYnWcZVol0N5TzQ3:M71YpQiU/RcO1VQInVob
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2