cb2d34626b89ea865e1e4ca57525fbdeca359aeea19246d646e58b1317269b67 | Triage

Sharing

General

Target

cb2d34626b89ea865e1e4ca57525fbdeca359aeea19246d646e58b1317269b67
Size

218KB
Sample

240612-ewvkka1are
MD5

76bf977884957ff1624a9c8e6825b27c
SHA1

c71ca66fbed01dc42f9473feeb85d52371f11b09
SHA256

cb2d34626b89ea865e1e4ca57525fbdeca359aeea19246d646e58b1317269b67
SHA512

c27310eee7d80625bd1f802a46137052b842b503d9ee73aac29c632b872718f94d4cc4c5f64b55ebbcc9e1582f46942ae899c4fa45e6efc9adfa41cff2e25d58
SSDEEP

3072:Hvm4SZsQrNzPrl6rjGMjp39d4u8iqddCxMIJOb2o5DsBPjim6hwM2H6:P1SyAJp6rjn1gOObn4b6h9h

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  cb2d34626b89ea865e1e4ca57525fbdeca359aeea19246d646e58b1317269b67
- Size
  
  218KB
- MD5
  
  76bf977884957ff1624a9c8e6825b27c
- SHA1
  
  c71ca66fbed01dc42f9473feeb85d52371f11b09
- SHA256
  
  cb2d34626b89ea865e1e4ca57525fbdeca359aeea19246d646e58b1317269b67
- SHA512
  
  c27310eee7d80625bd1f802a46137052b842b503d9ee73aac29c632b872718f94d4cc4c5f64b55ebbcc9e1582f46942ae899c4fa45e6efc9adfa41cff2e25d58
- SSDEEP
  
  3072:Hvm4SZsQrNzPrl6rjGMjp39d4u8iqddCxMIJOb2o5DsBPjim6hwM2H6:P1SyAJp6rjn1gOObn4b6h9h
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2