096a770f6ef8829a56f1c14937ab113d94c6b8a2429b28047e900c41f3d4f32b | Triage

Sharing

General

Target

096a770f6ef8829a56f1c14937ab113d94c6b8a2429b28047e900c41f3d4f32b
Size

204KB
Sample

240611-w4ebzswgkf
MD5

54557a5b52dba4443c84e982b6738715
SHA1

45dbc0eb7f6d30ac528fc0d1277f6b9a0b6e8de6
SHA256

096a770f6ef8829a56f1c14937ab113d94c6b8a2429b28047e900c41f3d4f32b
SHA512

86f3e04337eaebdb0ab0082f074247a99fc4922f4f0619ff2d10acd3f99397d87284014cbc35f43b8a2d89b3064e8ea708de3cf42ff17c0b0d84a762e532f193
SSDEEP

3072:3aSdR9c1/fuWL0AjMilpCOT+kICtApWFK1WHk25weLcKznxbQFFNj6QU:37oFuhAwM+kICeseWEEPznxbJ

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  096a770f6ef8829a56f1c14937ab113d94c6b8a2429b28047e900c41f3d4f32b
- Size
  
  204KB
- MD5
  
  54557a5b52dba4443c84e982b6738715
- SHA1
  
  45dbc0eb7f6d30ac528fc0d1277f6b9a0b6e8de6
- SHA256
  
  096a770f6ef8829a56f1c14937ab113d94c6b8a2429b28047e900c41f3d4f32b
- SHA512
  
  86f3e04337eaebdb0ab0082f074247a99fc4922f4f0619ff2d10acd3f99397d87284014cbc35f43b8a2d89b3064e8ea708de3cf42ff17c0b0d84a762e532f193
- SSDEEP
  
  3072:3aSdR9c1/fuWL0AjMilpCOT+kICtApWFK1WHk25weLcKznxbQFFNj6QU:37oFuhAwM+kICeseWEEPznxbJ
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2