8bb02be5f0a06d5cd19ec52be40e52499a0df669cca52282c84363985ea3e778 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

838277bbb4a21e7bbd263ca79d1da950N.exe
Size

1.7MB
Sample

240802-k5999syejf
MD5

838277bbb4a21e7bbd263ca79d1da950
SHA1

29e73ac8531669ecfa9cb046c26ef5c310af4813
SHA256

8bb02be5f0a06d5cd19ec52be40e52499a0df669cca52282c84363985ea3e778
SHA512

1640f610fa2ced77c34e3e7467bf1832f03653ed738e698cef0263dceab1d4e3daaa181b9f78f54385c7efe857501fbacb6fe5663d2df8dfc04401b9c0f77aa5
SSDEEP

49152:5Iw3l1Z7gFikqZV0Qoyd/pqZ2GLAm9FJyix:Cw1ng0kqP7oyd/SLAmDkix

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  838277bbb4a21e7bbd263ca79d1da950N.exe
- Size
  
  1.7MB
- MD5
  
  838277bbb4a21e7bbd263ca79d1da950
- SHA1
  
  29e73ac8531669ecfa9cb046c26ef5c310af4813
- SHA256
  
  8bb02be5f0a06d5cd19ec52be40e52499a0df669cca52282c84363985ea3e778
- SHA512
  
  1640f610fa2ced77c34e3e7467bf1832f03653ed738e698cef0263dceab1d4e3daaa181b9f78f54385c7efe857501fbacb6fe5663d2df8dfc04401b9c0f77aa5
- SSDEEP
  
  49152:5Iw3l1Z7gFikqZV0Qoyd/pqZ2GLAm9FJyix:Cw1ng0kqP7oyd/SLAmDkix
Score

10^/10

persistence discovery
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence