831adaa72d07c77b700fbd8b1d5e8a7c21fa1872dcdb766b64ecb0af47ebdba1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

831adaa72d07c77b700fbd8b1d5e8a7c21fa1872dcdb766b64ecb0af47ebdba1
Size

206KB
Sample

240529-3rce7afd66
MD5

aa37e6cf7b630e9768269a6b547228d1
SHA1

b08f0135dc734fbd4dd278829b72781e22ddc4a2
SHA256

831adaa72d07c77b700fbd8b1d5e8a7c21fa1872dcdb766b64ecb0af47ebdba1
SHA512

2c5949dae202d9a7fa7c7dc790504ba403ab0ce2065ea4a86a928343c5a2457b29e7c4ea3d75ce02570bfeef4701e856cf99e4dc01d6f222ae59c039de4f5962
SSDEEP

6144:2+EqFQ9A9ty5bhJcrs0MurPw/c4hd/B/coyXT3nOGX6T+:2+U9qyFhJy56d/eoyXjn9W+

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  831adaa72d07c77b700fbd8b1d5e8a7c21fa1872dcdb766b64ecb0af47ebdba1
- Size
  
  206KB
- MD5
  
  aa37e6cf7b630e9768269a6b547228d1
- SHA1
  
  b08f0135dc734fbd4dd278829b72781e22ddc4a2
- SHA256
  
  831adaa72d07c77b700fbd8b1d5e8a7c21fa1872dcdb766b64ecb0af47ebdba1
- SHA512
  
  2c5949dae202d9a7fa7c7dc790504ba403ab0ce2065ea4a86a928343c5a2457b29e7c4ea3d75ce02570bfeef4701e856cf99e4dc01d6f222ae59c039de4f5962
- SSDEEP
  
  6144:2+EqFQ9A9ty5bhJcrs0MurPw/c4hd/B/coyXT3nOGX6T+:2+U9qyFhJy56d/eoyXjn9W+
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2