4f5c352ece7e5c178814d6ba51a78dee093a8b77393286047a67530f942bdf11 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4f5c352ece7e5c178814d6ba51a78dee093a8b77393286047a67530f942bdf11
Size

244KB
Sample

240706-1f9v7swdjb
MD5

7d434879979c5529a7b7a6a75c6400ed
SHA1

ed7bbc47344172a2e77c51c34370d6bcadeccd29
SHA256

4f5c352ece7e5c178814d6ba51a78dee093a8b77393286047a67530f942bdf11
SHA512

dae4a04b8b75d68faeca0ae0c6afa50c8ee97c09a1001073b105f2cb1ad5ad32e8fbc3488817d9024b52bf826f033bc709043d88a7b96b896903d25aa01226ef
SSDEEP

6144:eEXlSylvFuWaS54hIAv/QhuA7HY8pPZ0FP6BzxM5EmX:TAylvv5YRwh9HYd61xhmX

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  4f5c352ece7e5c178814d6ba51a78dee093a8b77393286047a67530f942bdf11
- Size
  
  244KB
- MD5
  
  7d434879979c5529a7b7a6a75c6400ed
- SHA1
  
  ed7bbc47344172a2e77c51c34370d6bcadeccd29
- SHA256
  
  4f5c352ece7e5c178814d6ba51a78dee093a8b77393286047a67530f942bdf11
- SHA512
  
  dae4a04b8b75d68faeca0ae0c6afa50c8ee97c09a1001073b105f2cb1ad5ad32e8fbc3488817d9024b52bf826f033bc709043d88a7b96b896903d25aa01226ef
- SSDEEP
  
  6144:eEXlSylvFuWaS54hIAv/QhuA7HY8pPZ0FP6BzxM5EmX:TAylvv5YRwh9HYd61xhmX
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2