ce4ed339ef44aca4849346e1a7e453e2bde02c1d99652d1f17bbeecb8bc7793b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce4ed339ef44aca4849346e1a7e453e2bde02c1d99652d1f17bbeecb8bc7793b
Size

244KB
Sample

240527-dcffvsef54
MD5

942d9072bd420ccf98627fb01076316e
SHA1

ca965922fbaa87cfd73f5888c89abfa8c6b38f4e
SHA256

ce4ed339ef44aca4849346e1a7e453e2bde02c1d99652d1f17bbeecb8bc7793b
SHA512

1c1f5090c3f40e379d647caefc17acbcb3ce2a67be9a9e61c0d97894e5c708ff44b88504aaf544cce5d45861722750872ea7b124f5000fa233b0d793740fc443
SSDEEP

6144:PEXlSylvFuWaS54hIAv/QhuA7HY8pPZ0FP6BzxM5EmX:wAylvv5YRwh9HYd61xhmX

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  ce4ed339ef44aca4849346e1a7e453e2bde02c1d99652d1f17bbeecb8bc7793b
- Size
  
  244KB
- MD5
  
  942d9072bd420ccf98627fb01076316e
- SHA1
  
  ca965922fbaa87cfd73f5888c89abfa8c6b38f4e
- SHA256
  
  ce4ed339ef44aca4849346e1a7e453e2bde02c1d99652d1f17bbeecb8bc7793b
- SHA512
  
  1c1f5090c3f40e379d647caefc17acbcb3ce2a67be9a9e61c0d97894e5c708ff44b88504aaf544cce5d45861722750872ea7b124f5000fa233b0d793740fc443
- SSDEEP
  
  6144:PEXlSylvFuWaS54hIAv/QhuA7HY8pPZ0FP6BzxM5EmX:wAylvv5YRwh9HYd61xhmX
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2