bcf6ab7b42849d6693a6c53faad0de7a143cfc148bf7e495f9e6fce2d4674cce | Triage

Sharing

General

Target

bcf6ab7b42849d6693a6c53faad0de7a143cfc148bf7e495f9e6fce2d4674cce
Size

338KB
Sample

240726-dabd5avdjh
MD5

7731195245ce0fa2315f570c08705ea5
SHA1

342f4febc4ba3c227b4347c63c45e6edfa64a426
SHA256

bcf6ab7b42849d6693a6c53faad0de7a143cfc148bf7e495f9e6fce2d4674cce
SHA512

4ab03abe0956345ac21aa5e0e4e39833e8d55892c546a632b0a5da7186b560e458ab46fd7f054ea5d13e0c47d2826ca3ed6729f234a8791bd1d62002adb62d0e
SSDEEP

6144:FExz45SS77IQi8Dq+9fXphN2LfjEcYzaWqr57Q7Xwxc4SQjWvvf:fSS71Dq+pcYWWqtfxvSQj2f

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  bcf6ab7b42849d6693a6c53faad0de7a143cfc148bf7e495f9e6fce2d4674cce
- Size
  
  338KB
- MD5
  
  7731195245ce0fa2315f570c08705ea5
- SHA1
  
  342f4febc4ba3c227b4347c63c45e6edfa64a426
- SHA256
  
  bcf6ab7b42849d6693a6c53faad0de7a143cfc148bf7e495f9e6fce2d4674cce
- SHA512
  
  4ab03abe0956345ac21aa5e0e4e39833e8d55892c546a632b0a5da7186b560e458ab46fd7f054ea5d13e0c47d2826ca3ed6729f234a8791bd1d62002adb62d0e
- SSDEEP
  
  6144:FExz45SS77IQi8Dq+9fXphN2LfjEcYzaWqr57Q7Xwxc4SQjWvvf:fSS71Dq+pcYWWqtfxvSQj2f
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence