ed8c50a22892588310327a8e2ce6f1e20e22626677f912acd25a57dedf1e0015 | Triage

Sharing

General

Target

430f9f9361cb04db55d14de9cdc19cd0N.exe
Size

648KB
Sample

240802-dcejkawgkd
MD5

430f9f9361cb04db55d14de9cdc19cd0
SHA1

2b992bfb8c6638067f08868588445198c9dccdfd
SHA256

ed8c50a22892588310327a8e2ce6f1e20e22626677f912acd25a57dedf1e0015
SHA512

281d8f74b8b64f103787bc609cecd8e8c347ba24077197c012a148919025d5f98b1fe98500a419470d3031e0fec4884499bee8f0eac675d3a09893c8663acc22
SSDEEP

12288:V1b8l0HApIkopKv35U1BlCblRXpv+UhUNyn2KWtqxsgx9w1bfuVM8y3KmodAc375:V1b8eHAuY35U1Op9HZ2M+gkjgNyKmodX

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  430f9f9361cb04db55d14de9cdc19cd0N.exe
- Size
  
  648KB
- MD5
  
  430f9f9361cb04db55d14de9cdc19cd0
- SHA1
  
  2b992bfb8c6638067f08868588445198c9dccdfd
- SHA256
  
  ed8c50a22892588310327a8e2ce6f1e20e22626677f912acd25a57dedf1e0015
- SHA512
  
  281d8f74b8b64f103787bc609cecd8e8c347ba24077197c012a148919025d5f98b1fe98500a419470d3031e0fec4884499bee8f0eac675d3a09893c8663acc22
- SSDEEP
  
  12288:V1b8l0HApIkopKv35U1BlCblRXpv+UhUNyn2KWtqxsgx9w1bfuVM8y3KmodAc375:V1b8eHAuY35U1Op9HZ2M+gkjgNyKmodX
Score

10^/10

persistence discovery
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence