a4e303fb9284ffcb108ad545f8f7203cf796aa1a02f906ba45a6faedea8390e8 | Triage

Sharing

General

Target

4c16c5a6200165d3cf90a5f645e26ab0N.exe
Size

212KB
Sample

240802-d6qtpatfpk
MD5

4c16c5a6200165d3cf90a5f645e26ab0
SHA1

b35f2c6730414ee91dfbe6c410dc04bf0d146196
SHA256

a4e303fb9284ffcb108ad545f8f7203cf796aa1a02f906ba45a6faedea8390e8
SHA512

7269a0b03613fd7666ea599fb34160ce13e462914e6ad0a97f3ecc49ae254472fcf18b52859edccd04d7d0e62289aaa05ef575c0be80fb2176d4123e5000673e
SSDEEP

6144:zob34ERMS/H7YAVsobrVn5G4E3Hi96mbQzJWFO8Omw4G:EboEj/8ASWM4Ki96/zqIKG

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  4c16c5a6200165d3cf90a5f645e26ab0N.exe
- Size
  
  212KB
- MD5
  
  4c16c5a6200165d3cf90a5f645e26ab0
- SHA1
  
  b35f2c6730414ee91dfbe6c410dc04bf0d146196
- SHA256
  
  a4e303fb9284ffcb108ad545f8f7203cf796aa1a02f906ba45a6faedea8390e8
- SHA512
  
  7269a0b03613fd7666ea599fb34160ce13e462914e6ad0a97f3ecc49ae254472fcf18b52859edccd04d7d0e62289aaa05ef575c0be80fb2176d4123e5000673e
- SSDEEP
  
  6144:zob34ERMS/H7YAVsobrVn5G4E3Hi96mbQzJWFO8Omw4G:EboEj/8ASWM4Ki96/zqIKG
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence