391f2de6b0d739e93649703e08bd8aa5489eacff99789c903633fa24a97c746b | Triage

Sharing

General

Target

241fc92010656375a2457ba4428b31e0N.exe
Size

91KB
Sample

240803-arr7eswgqk
MD5

241fc92010656375a2457ba4428b31e0
SHA1

ef39db03d0880f5860e5cb33071eeda755018405
SHA256

391f2de6b0d739e93649703e08bd8aa5489eacff99789c903633fa24a97c746b
SHA512

9701eef800338ee2edc68109069ae0fe8ba554860e1375ec697a997dee320c8d1539f45e4eae44a7ddd852eb05d2c9fdcd9f291dbd53bc58f25c8b4223da3538
SSDEEP

1536:4aiqH1s+kCtrA2UMT0mTFibDKa1Xk+SezSOY6Ukg2dTtzy:51B31bdBob2QXbSezI6UPl

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  241fc92010656375a2457ba4428b31e0N.exe
- Size
  
  91KB
- MD5
  
  241fc92010656375a2457ba4428b31e0
- SHA1
  
  ef39db03d0880f5860e5cb33071eeda755018405
- SHA256
  
  391f2de6b0d739e93649703e08bd8aa5489eacff99789c903633fa24a97c746b
- SHA512
  
  9701eef800338ee2edc68109069ae0fe8ba554860e1375ec697a997dee320c8d1539f45e4eae44a7ddd852eb05d2c9fdcd9f291dbd53bc58f25c8b4223da3538
- SSDEEP
  
  1536:4aiqH1s+kCtrA2UMT0mTFibDKa1Xk+SezSOY6Ukg2dTtzy:51B31bdBob2QXbSezI6UPl
Score

10^/10

persistence discovery
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence