74370c4b2b556b4b16ae624372e76569db0897c0e37a92e2f89e47a41b485f3d | Triage

Sharing

General

Target

74370c4b2b556b4b16ae624372e76569db0897c0e37a92e2f89e47a41b485f3d
Size

576KB
Sample

240624-2r1bkszalr
MD5

bea0d99a6a226473a4dfb1e382fe55c1
SHA1

43d4e4458af4a61c367eafb66851cf0a5975b892
SHA256

74370c4b2b556b4b16ae624372e76569db0897c0e37a92e2f89e47a41b485f3d
SHA512

200c0d63db140112a540daccabe9907ff83a6470e663a404b267e6cc0ed4ecd1e544dcb0b7f980eb0a1e21248e5a4d1ebbc888380a25438806d520fa001af95c
SSDEEP

12288:AmWhND9yJz+b1FcMLmp2ATTSsdxmWhND9yJz+b1FcMLmpG:AmUNJyJqb1FcMap2ATT5rmUNJyJqb1Fl

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  74370c4b2b556b4b16ae624372e76569db0897c0e37a92e2f89e47a41b485f3d
- Size
  
  576KB
- MD5
  
  bea0d99a6a226473a4dfb1e382fe55c1
- SHA1
  
  43d4e4458af4a61c367eafb66851cf0a5975b892
- SHA256
  
  74370c4b2b556b4b16ae624372e76569db0897c0e37a92e2f89e47a41b485f3d
- SHA512
  
  200c0d63db140112a540daccabe9907ff83a6470e663a404b267e6cc0ed4ecd1e544dcb0b7f980eb0a1e21248e5a4d1ebbc888380a25438806d520fa001af95c
- SSDEEP
  
  12288:AmWhND9yJz+b1FcMLmp2ATTSsdxmWhND9yJz+b1FcMLmpG:AmUNJyJqb1FcMap2ATT5rmUNJyJqb1Fl
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2