82cdb515346c46bd672afea4f52d936a1886818477d5f0bf4bc6056067d51eb5 | Triage

Sharing

General

Target

3f6f68f74ccae8afd0de6996f58978f0N.exe
Size

212KB
Sample

240724-dlewpavdjl
MD5

3f6f68f74ccae8afd0de6996f58978f0
SHA1

073ecf54d85162d3b25c175cfcc874d6bc29590e
SHA256

82cdb515346c46bd672afea4f52d936a1886818477d5f0bf4bc6056067d51eb5
SHA512

55dc89aee1192f193b8fa56114aae5a3c645f32e50be2b58b1840c9549bfe220515372b05f311e2f63b1467bff97edaf9df14cb677ac3dedf388cb77d11139c7
SSDEEP

3072:mGwPsm1VrwxOsf0juzv8j4P1Hr6krr4IEhx9QZe2gO9mG9UHA30Vt3E/vDjb:mG/iVkO20SFgBhxtW9mG9+Umt3Ezjb

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  3f6f68f74ccae8afd0de6996f58978f0N.exe
- Size
  
  212KB
- MD5
  
  3f6f68f74ccae8afd0de6996f58978f0
- SHA1
  
  073ecf54d85162d3b25c175cfcc874d6bc29590e
- SHA256
  
  82cdb515346c46bd672afea4f52d936a1886818477d5f0bf4bc6056067d51eb5
- SHA512
  
  55dc89aee1192f193b8fa56114aae5a3c645f32e50be2b58b1840c9549bfe220515372b05f311e2f63b1467bff97edaf9df14cb677ac3dedf388cb77d11139c7
- SSDEEP
  
  3072:mGwPsm1VrwxOsf0juzv8j4P1Hr6krr4IEhx9QZe2gO9mG9UHA30Vt3E/vDjb:mG/iVkO20SFgBhxtW9mG9+Umt3Ezjb
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence