1447b2d2f8b0f9979976c4a55f5f8c71ae484c3fca50a707fd295358b52cf8a4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c965694a05e9f0c8c592a60a55382f00N.exe
Size

1.0MB
Sample

240802-yvebqstaqa
MD5

c965694a05e9f0c8c592a60a55382f00
SHA1

e759373ea1a99deeeda9f6f1edcf5960ba718111
SHA256

1447b2d2f8b0f9979976c4a55f5f8c71ae484c3fca50a707fd295358b52cf8a4
SHA512

9a34dd467539414106a9c0540f1da425029240618a911be4b9309d66ab32b69833e904099d39e819d8d0b44748455e8b171dd34b048929be27af71d2be28f56a
SSDEEP

24576:51bWskQL2jINViDsO/mwcKvR60qrNmOXD/odsfwP83ggnK:5IQMOVMc4fcNm8JfWXKK

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  c965694a05e9f0c8c592a60a55382f00N.exe
- Size
  
  1.0MB
- MD5
  
  c965694a05e9f0c8c592a60a55382f00
- SHA1
  
  e759373ea1a99deeeda9f6f1edcf5960ba718111
- SHA256
  
  1447b2d2f8b0f9979976c4a55f5f8c71ae484c3fca50a707fd295358b52cf8a4
- SHA512
  
  9a34dd467539414106a9c0540f1da425029240618a911be4b9309d66ab32b69833e904099d39e819d8d0b44748455e8b171dd34b048929be27af71d2be28f56a
- SSDEEP
  
  24576:51bWskQL2jINViDsO/mwcKvR60qrNmOXD/odsfwP83ggnK:5IQMOVMc4fcNm8JfWXKK
Score

10^/10

persistence discovery
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence