a3d5010591e784537321b4dabfe36408d7352af50aa759803333981b658176b6 | Triage

Sharing

General

Target

02c2146762b805412b64c90a4a822b90N.exe
Size

91KB
Sample

240801-zjh18azgpf
MD5

02c2146762b805412b64c90a4a822b90
SHA1

26ede40df8e4456a3e72b1bcde78f63a5987240e
SHA256

a3d5010591e784537321b4dabfe36408d7352af50aa759803333981b658176b6
SHA512

4cad647fd1f88dd551759dd5e1d6a9e680763f187e2e7d5eedeae9df2dd18d2f117cd4787f0c9af240bbea30512c0767ae127e9ffba00c796450c0d0e22d927a
SSDEEP

1536:5aiqH1s+kCtrA2UMT0mTFibDKa1xPHhkxy7wBXESs3Je:A1B31bdBob2QxPHeyMuSsM

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  02c2146762b805412b64c90a4a822b90N.exe
- Size
  
  91KB
- MD5
  
  02c2146762b805412b64c90a4a822b90
- SHA1
  
  26ede40df8e4456a3e72b1bcde78f63a5987240e
- SHA256
  
  a3d5010591e784537321b4dabfe36408d7352af50aa759803333981b658176b6
- SHA512
  
  4cad647fd1f88dd551759dd5e1d6a9e680763f187e2e7d5eedeae9df2dd18d2f117cd4787f0c9af240bbea30512c0767ae127e9ffba00c796450c0d0e22d927a
- SSDEEP
  
  1536:5aiqH1s+kCtrA2UMT0mTFibDKa1xPHhkxy7wBXESs3Je:A1B31bdBob2QxPHeyMuSsM
Score

10^/10

persistence discovery
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence