7757d34ab16584dd4e8e8493cda9b22a3bb60509392c269081ef71ff0de1d9b3 | Triage

Sharing

General

Target

unrepellent.exe
Size

244KB
Sample

240708-c61hfs1ckb
MD5

71db30d5db50af8adec8fa9c24ce9860
SHA1

78f2eba84b5b61886a2444c47ae42ae89efa02d4
SHA256

7757d34ab16584dd4e8e8493cda9b22a3bb60509392c269081ef71ff0de1d9b3
SHA512

f25a0e756e472471ba7c45f01431d2071743611553298138fa6a674493c0254b7c88f255b952a15531572b61a5cbc328693ddea1480630742c97f3c3016b54da
SSDEEP

6144:9EXlSylvFuWaS54hIAv/QhuA7HY8pPZ0FP6BzxM5EmX:eAylvv5YRwh9HYd61xhmX

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  unrepellent.exe
- Size
  
  244KB
- MD5
  
  71db30d5db50af8adec8fa9c24ce9860
- SHA1
  
  78f2eba84b5b61886a2444c47ae42ae89efa02d4
- SHA256
  
  7757d34ab16584dd4e8e8493cda9b22a3bb60509392c269081ef71ff0de1d9b3
- SHA512
  
  f25a0e756e472471ba7c45f01431d2071743611553298138fa6a674493c0254b7c88f255b952a15531572b61a5cbc328693ddea1480630742c97f3c3016b54da
- SSDEEP
  
  6144:9EXlSylvFuWaS54hIAv/QhuA7HY8pPZ0FP6BzxM5EmX:eAylvv5YRwh9HYd61xhmX
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2