c24bf3ed7ac84c1099b02787900a8f83d34462658340f671db074f1b4d64c663 | Triage

Sharing

General

Target

c24bf3ed7ac84c1099b02787900a8f83d34462658340f671db074f1b4d64c663
Size

355KB
Sample

240526-c45dmabh8w
MD5

46c9a2850e8bea8bd1156945fa959d88
SHA1

64350ed46edcd3d4215c8694d80472f4299f3a5b
SHA256

c24bf3ed7ac84c1099b02787900a8f83d34462658340f671db074f1b4d64c663
SHA512

d6570ca5ec71588c1231f7a7a536f56e576799e7fc89d61b185b8de1d45ac15bc59184200a1cb2f2040cb6efb98693c0318d48ff41ef012fdc4a1ed3d7820432
SSDEEP

6144:MgEmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9Ei:OmWhND9yJz+b1FcMLmp2ATTSsd

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  c24bf3ed7ac84c1099b02787900a8f83d34462658340f671db074f1b4d64c663
- Size
  
  355KB
- MD5
  
  46c9a2850e8bea8bd1156945fa959d88
- SHA1
  
  64350ed46edcd3d4215c8694d80472f4299f3a5b
- SHA256
  
  c24bf3ed7ac84c1099b02787900a8f83d34462658340f671db074f1b4d64c663
- SHA512
  
  d6570ca5ec71588c1231f7a7a536f56e576799e7fc89d61b185b8de1d45ac15bc59184200a1cb2f2040cb6efb98693c0318d48ff41ef012fdc4a1ed3d7820432
- SSDEEP
  
  6144:MgEmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9Ei:OmWhND9yJz+b1FcMLmp2ATTSsd
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2