38adb61afc897ac5543d07936cbbdaabfe96181e18ca1b6468e37d65dfbde79d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

38adb61afc897ac5543d07936cbbdaabfe96181e18ca1b6468e37d65dfbde79d
Size

237KB
Sample

240616-y4k6mswdkf
MD5

8516e0e1c178920303a0633c7a4571cd
SHA1

8a23f7e1cd2768354fe03cadf2cee4401533893d
SHA256

38adb61afc897ac5543d07936cbbdaabfe96181e18ca1b6468e37d65dfbde79d
SHA512

80e0bac9dde31ce185d5fe62ee5cedda23b623e4fa3c74bbcf90b547713320ea3ec6542adfc85ef2581bba83b69e4f243ef124b2acf724fb5587d2089296a266
SSDEEP

6144:nD8okEvTyoZVOgd2QZiw5NLclL5orfQH:DsjCF2QZiOU+4

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  38adb61afc897ac5543d07936cbbdaabfe96181e18ca1b6468e37d65dfbde79d
- Size
  
  237KB
- MD5
  
  8516e0e1c178920303a0633c7a4571cd
- SHA1
  
  8a23f7e1cd2768354fe03cadf2cee4401533893d
- SHA256
  
  38adb61afc897ac5543d07936cbbdaabfe96181e18ca1b6468e37d65dfbde79d
- SHA512
  
  80e0bac9dde31ce185d5fe62ee5cedda23b623e4fa3c74bbcf90b547713320ea3ec6542adfc85ef2581bba83b69e4f243ef124b2acf724fb5587d2089296a266
- SSDEEP
  
  6144:nD8okEvTyoZVOgd2QZiw5NLclL5orfQH:DsjCF2QZiOU+4
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2