d0abdec7b0bd7a93d7b29ebae50d2741cdebf54825145f191643af51dec02854 | Triage

Sharing

General

Target

d0abdec7b0bd7a93d7b29ebae50d2741cdebf54825145f191643af51dec02854
Size

41KB
Sample

240611-d2h82stbmn
MD5

c3f985a35e440fa3c363d8e00a94a12d
SHA1

5b36dc86dad9db3ae147e42b93372f905d0caa99
SHA256

d0abdec7b0bd7a93d7b29ebae50d2741cdebf54825145f191643af51dec02854
SHA512

4c1e75e7ff0067d50d17ed1efef65841609ed0cb040fdd48d8c59170803b7afae3ca4f179ffe8b2484f22f4231ffc2e357562b60bb901321f44d80f8a8970475
SSDEEP

768:+iZNPp0b5BbrMVUTBv6mkZ8jA7IwnDoSdp:+WNBGBrM6Fv6mkqyo8

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  d0abdec7b0bd7a93d7b29ebae50d2741cdebf54825145f191643af51dec02854
- Size
  
  41KB
- MD5
  
  c3f985a35e440fa3c363d8e00a94a12d
- SHA1
  
  5b36dc86dad9db3ae147e42b93372f905d0caa99
- SHA256
  
  d0abdec7b0bd7a93d7b29ebae50d2741cdebf54825145f191643af51dec02854
- SHA512
  
  4c1e75e7ff0067d50d17ed1efef65841609ed0cb040fdd48d8c59170803b7afae3ca4f179ffe8b2484f22f4231ffc2e357562b60bb901321f44d80f8a8970475
- SSDEEP
  
  768:+iZNPp0b5BbrMVUTBv6mkZ8jA7IwnDoSdp:+WNBGBrM6Fv6mkqyo8
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Event Triggered Execution

Change Default File Association

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2