72f1bc4cd9491f77f9edb830fb8f5b7c25386f3e0feb4019817bcc00199bb482 | Triage

Sharing

General

Target

72f1bc4cd9491f77f9edb830fb8f5b7c25386f3e0feb4019817bcc00199bb482
Size

208KB
Sample

240802-22v5lsyerb
MD5

98723ad424a6d5f8a2c0475b51442e96
SHA1

d7fd90ed9ee06def63888eb373b3a5a2353803b2
SHA256

72f1bc4cd9491f77f9edb830fb8f5b7c25386f3e0feb4019817bcc00199bb482
SHA512

17b3d43028eb7f4af739b4dd90fe82888bd7b3e35c2047ba294da8f7e3cc227a0d7c835bcd088e7fc40d06e9f8ceb26bd3aa1743576c6782ecb4f77e7ffceaca
SSDEEP

6144:mJRDxRqdSqQts6iRZsTZuDbhivDVDN8zqF3:mcjQKUZigDVJ5

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  72f1bc4cd9491f77f9edb830fb8f5b7c25386f3e0feb4019817bcc00199bb482
- Size
  
  208KB
- MD5
  
  98723ad424a6d5f8a2c0475b51442e96
- SHA1
  
  d7fd90ed9ee06def63888eb373b3a5a2353803b2
- SHA256
  
  72f1bc4cd9491f77f9edb830fb8f5b7c25386f3e0feb4019817bcc00199bb482
- SHA512
  
  17b3d43028eb7f4af739b4dd90fe82888bd7b3e35c2047ba294da8f7e3cc227a0d7c835bcd088e7fc40d06e9f8ceb26bd3aa1743576c6782ecb4f77e7ffceaca
- SSDEEP
  
  6144:mJRDxRqdSqQts6iRZsTZuDbhivDVDN8zqF3:mcjQKUZigDVJ5
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence