370713b1ddcb8e514a9a27a14a8272d791483faeb8d1923f66b1a22d68344c0b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

370713b1ddcb8e514a9a27a14a8272d791483faeb8d1923f66b1a22d68344c0b
Size

217KB
Sample

240528-y6tkssca85
MD5

a0856e80d531ea72928903a6334bdadb
SHA1

a50b378d9bbc8db6af06ed524f4dd0628c996fe3
SHA256

370713b1ddcb8e514a9a27a14a8272d791483faeb8d1923f66b1a22d68344c0b
SHA512

6f334c9aa912abd8ad52887e380c67f9ae602cf3f1396c06fcec1588f0cdcae7486309d496d3743fd85d9dd39e9ef6ba43e287322ef6916207d06043b273358d
SSDEEP

6144:4nyiqVQBf0EaIp8fkTJJsK1eEzEB1XjrkXb:BEdp8csKpE7XX

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  370713b1ddcb8e514a9a27a14a8272d791483faeb8d1923f66b1a22d68344c0b
- Size
  
  217KB
- MD5
  
  a0856e80d531ea72928903a6334bdadb
- SHA1
  
  a50b378d9bbc8db6af06ed524f4dd0628c996fe3
- SHA256
  
  370713b1ddcb8e514a9a27a14a8272d791483faeb8d1923f66b1a22d68344c0b
- SHA512
  
  6f334c9aa912abd8ad52887e380c67f9ae602cf3f1396c06fcec1588f0cdcae7486309d496d3743fd85d9dd39e9ef6ba43e287322ef6916207d06043b273358d
- SSDEEP
  
  6144:4nyiqVQBf0EaIp8fkTJJsK1eEzEB1XjrkXb:BEdp8csKpE7XX
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2