a287adaeacb0a14ec976f1c3d045a901690968483c5193353a479142563dbc14 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f267ef35fbdbb6d6322b75f45d217500N.exe
Size

784KB
Sample

240725-yzczgasbkl
MD5

f267ef35fbdbb6d6322b75f45d217500
SHA1

0c463a77e169bcd3fcc691931c3c0d0fded46153
SHA256

a287adaeacb0a14ec976f1c3d045a901690968483c5193353a479142563dbc14
SHA512

a796faba3b92cea530e471fd19c986876c3d1370fec13de9db0efcb52c523e53ecfa3cc26f0fbe41530644434d0b0e4c661af0ecc6191a015a89cc6a929e5896
SSDEEP

24576:xsIgXQl7To81+lffen0UaktXAfUrK42+P/6p:JS81+lOhaIAB4HP/6p

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  f267ef35fbdbb6d6322b75f45d217500N.exe
- Size
  
  784KB
- MD5
  
  f267ef35fbdbb6d6322b75f45d217500
- SHA1
  
  0c463a77e169bcd3fcc691931c3c0d0fded46153
- SHA256
  
  a287adaeacb0a14ec976f1c3d045a901690968483c5193353a479142563dbc14
- SHA512
  
  a796faba3b92cea530e471fd19c986876c3d1370fec13de9db0efcb52c523e53ecfa3cc26f0fbe41530644434d0b0e4c661af0ecc6191a015a89cc6a929e5896
- SSDEEP
  
  24576:xsIgXQl7To81+lffen0UaktXAfUrK42+P/6p:JS81+lOhaIAB4HP/6p
Score

10^/10

persistence discovery
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence