b3c0767260b360a738683e33446860d2f494b21b2158e31c8c90ebc4b3e43bee | Triage

Sharing

General

Target

132331
Size

436KB
Sample

240720-t2tb1stelc
MD5

5e9a265fd95d899a93c8892638792c42
SHA1

4ba0fc8e0e8cf8a1d96babd59d69380ab31d337b
SHA256

b3c0767260b360a738683e33446860d2f494b21b2158e31c8c90ebc4b3e43bee
SHA512

b9d4129bf718bd6511f18fda1cc2aa40be94e5d1e3ae14ca4560dd230b6e034f6ff0d6dc84a6e5b540d6bc8ba7504d0f451c54327bd23ccbc02b0c35531ab120
SSDEEP

12288:7MSU4joci8M6PW1GVFeFd60DFUyhehYM:ASUCpM2W1Gvgmyehv

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  132331
- Size
  
  436KB
- MD5
  
  5e9a265fd95d899a93c8892638792c42
- SHA1
  
  4ba0fc8e0e8cf8a1d96babd59d69380ab31d337b
- SHA256
  
  b3c0767260b360a738683e33446860d2f494b21b2158e31c8c90ebc4b3e43bee
- SHA512
  
  b9d4129bf718bd6511f18fda1cc2aa40be94e5d1e3ae14ca4560dd230b6e034f6ff0d6dc84a6e5b540d6bc8ba7504d0f451c54327bd23ccbc02b0c35531ab120
- SSDEEP
  
  12288:7MSU4joci8M6PW1GVFeFd60DFUyhehYM:ASUCpM2W1Gvgmyehv
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1