65ee8a95c9b257410977d855e967f6a35411833a984ad63ea9e298b31e7d6640 | Triage

Sharing

General

Target

04be35537e487658cb5499263499abf0N.exe
Size

204KB
Sample

240713-x3x85stfrp
MD5

04be35537e487658cb5499263499abf0
SHA1

425c5803311fedd05c6999799b612a31093b3299
SHA256

65ee8a95c9b257410977d855e967f6a35411833a984ad63ea9e298b31e7d6640
SHA512

583574140077432c472f276acf04dc6cd708675f2a184bc0712ef5a3699e5f4df338b39740fa35297d417f0747e01e5ebd948701bdd24d2b154d1dd64eef8356
SSDEEP

3072:GO/6nl92ILkt6i2ox7c39b1a0J86W8xXCKNWOHU/ezYMVWtG4SPUkxbgl:GgFtboVBJtNWyPnYG4fUbk

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  04be35537e487658cb5499263499abf0N.exe
- Size
  
  204KB
- MD5
  
  04be35537e487658cb5499263499abf0
- SHA1
  
  425c5803311fedd05c6999799b612a31093b3299
- SHA256
  
  65ee8a95c9b257410977d855e967f6a35411833a984ad63ea9e298b31e7d6640
- SHA512
  
  583574140077432c472f276acf04dc6cd708675f2a184bc0712ef5a3699e5f4df338b39740fa35297d417f0747e01e5ebd948701bdd24d2b154d1dd64eef8356
- SSDEEP
  
  3072:GO/6nl92ILkt6i2ox7c39b1a0J86W8xXCKNWOHU/ezYMVWtG4SPUkxbgl:GgFtboVBJtNWyPnYG4fUbk
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2