8d4f15d230403dc41be201db493c3da66f29ebad75bbfc53a559c4a6c372d925 | Triage

Sharing

General

Target

8d4f15d230403dc41be201db493c3da66f29ebad75bbfc53a559c4a6c372d925
Size

218KB
Sample

240701-adpt5szdqa
MD5

370c7b1ecf6a60a3fa2b6f5e08a102cd
SHA1

eb8b0f6b5128015d731ebeb7f62e15838e544385
SHA256

8d4f15d230403dc41be201db493c3da66f29ebad75bbfc53a559c4a6c372d925
SHA512

13c1d1fd10efde6b5499d5eee89308b954c8bf7d6141c54234325bb29b8563c6472328cce6b4d39fb51a5187597cbb1c7a313ede88d1617d9ec780533f506a8b
SSDEEP

6144:yEQBDdO1z7L/EIhZDE9oLfFWlMZT7+DGaMwIC:yEGDdQNHEwWlMxYG/wI

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  8d4f15d230403dc41be201db493c3da66f29ebad75bbfc53a559c4a6c372d925
- Size
  
  218KB
- MD5
  
  370c7b1ecf6a60a3fa2b6f5e08a102cd
- SHA1
  
  eb8b0f6b5128015d731ebeb7f62e15838e544385
- SHA256
  
  8d4f15d230403dc41be201db493c3da66f29ebad75bbfc53a559c4a6c372d925
- SHA512
  
  13c1d1fd10efde6b5499d5eee89308b954c8bf7d6141c54234325bb29b8563c6472328cce6b4d39fb51a5187597cbb1c7a313ede88d1617d9ec780533f506a8b
- SSDEEP
  
  6144:yEQBDdO1z7L/EIhZDE9oLfFWlMZT7+DGaMwIC:yEGDdQNHEwWlMxYG/wI
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2