442198d69c132922a7520ce58c89ea779a162caae71462f558b72ed2f09efe72 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e0aa4de3f22a962eab289d7494a5800N.exe
Size

201KB
Sample

240720-da1zsawgja
MD5

3e0aa4de3f22a962eab289d7494a5800
SHA1

9acddaa2d3f7e640c601233686f27dd42ec017bd
SHA256

442198d69c132922a7520ce58c89ea779a162caae71462f558b72ed2f09efe72
SHA512

09b4c419ce885f459df2ed7027bbd52df6dfc1bf7706790cbe0512841312255e3470edcaf31c822dcf620eaefa3a60001b109421e2abc9125a56ff88abdb41de
SSDEEP

6144:it++Jbojf5Vq5OC4qZhZcKYhc/ZfUozY:t+cff22qZhZcKYhc/

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  3e0aa4de3f22a962eab289d7494a5800N.exe
- Size
  
  201KB
- MD5
  
  3e0aa4de3f22a962eab289d7494a5800
- SHA1
  
  9acddaa2d3f7e640c601233686f27dd42ec017bd
- SHA256
  
  442198d69c132922a7520ce58c89ea779a162caae71462f558b72ed2f09efe72
- SHA512
  
  09b4c419ce885f459df2ed7027bbd52df6dfc1bf7706790cbe0512841312255e3470edcaf31c822dcf620eaefa3a60001b109421e2abc9125a56ff88abdb41de
- SSDEEP
  
  6144:it++Jbojf5Vq5OC4qZhZcKYhc/ZfUozY:t+cff22qZhZcKYhc/
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2