3b70c5295b68259ec6b50fa8edc71dcc4c4824785cbd5a5529d828e9760311d4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

13e2a3b74ff226ef8f52e843a6e55e10N.exe
Size

723KB
Sample

240721-1dm9eswanf
MD5

13e2a3b74ff226ef8f52e843a6e55e10
SHA1

0f278565867992eb3a54e70f200a94efddf225b3
SHA256

3b70c5295b68259ec6b50fa8edc71dcc4c4824785cbd5a5529d828e9760311d4
SHA512

b92f9c32e447b99046ef2191e84e2e33389a6817be835f9c646bf3bb09080861cb4835009c389cbe0ebc062e891c3560bdeabfd46f7be5e5a1280c7219f4a3d9
SSDEEP

12288:51bQyqKEszzmNg6gv0OR9H9G6rMq1+M9bJ42yM5Ds662+AoQk25WQSb5J9im7TqQ:51bGWiNg6tOR9HI6B1bJ46y66x5m5WpV

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  13e2a3b74ff226ef8f52e843a6e55e10N.exe
- Size
  
  723KB
- MD5
  
  13e2a3b74ff226ef8f52e843a6e55e10
- SHA1
  
  0f278565867992eb3a54e70f200a94efddf225b3
- SHA256
  
  3b70c5295b68259ec6b50fa8edc71dcc4c4824785cbd5a5529d828e9760311d4
- SHA512
  
  b92f9c32e447b99046ef2191e84e2e33389a6817be835f9c646bf3bb09080861cb4835009c389cbe0ebc062e891c3560bdeabfd46f7be5e5a1280c7219f4a3d9
- SSDEEP
  
  12288:51bQyqKEszzmNg6gv0OR9H9G6rMq1+M9bJ42yM5Ds662+AoQk25WQSb5J9im7TqQ:51bGWiNg6tOR9HI6B1bJ46y66x5m5WpV
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2