967df8a76c3642cc2981d3eb40e153a53fdbf89daa93117f945e2d89cba6461b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

907a4237931d319c4271ed6347936410N.exe
Size

360KB
Sample

240721-jxl22aycnm
MD5

907a4237931d319c4271ed6347936410
SHA1

32d84019713b6b623da248dafad6fe5ceef418d2
SHA256

967df8a76c3642cc2981d3eb40e153a53fdbf89daa93117f945e2d89cba6461b
SHA512

15a73ba4278e84f399e1f480c5e43d0c330b26c25b7c88f34724c3b2eade179fa692454b87cd13b5e776e22818f68b6dc30ffcd419c2d3d771dfff0bd47b9cf4
SSDEEP

6144:p731bdBaB+oWmUv6I8iWdz4utSTxMXFgBxxNQuHt1xwrWP0REqRKzQ6wx:p1bIWvD8jdz4utSTxww1xwrawXRLt

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  907a4237931d319c4271ed6347936410N.exe
- Size
  
  360KB
- MD5
  
  907a4237931d319c4271ed6347936410
- SHA1
  
  32d84019713b6b623da248dafad6fe5ceef418d2
- SHA256
  
  967df8a76c3642cc2981d3eb40e153a53fdbf89daa93117f945e2d89cba6461b
- SHA512
  
  15a73ba4278e84f399e1f480c5e43d0c330b26c25b7c88f34724c3b2eade179fa692454b87cd13b5e776e22818f68b6dc30ffcd419c2d3d771dfff0bd47b9cf4
- SSDEEP
  
  6144:p731bdBaB+oWmUv6I8iWdz4utSTxMXFgBxxNQuHt1xwrWP0REqRKzQ6wx:p1bIWvD8jdz4utSTxww1xwrawXRLt
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2