008f00ab3faae0a08cc6bed2164bee392f36b5bf2b387f56856b573cab42f5de | Triage

Sharing

Copy URL Twitter E-mail

General

Target

46db3e304e9640f9661832428bdc15f0N.exe
Size

204KB
Sample

240803-efz54ssdrk
MD5

46db3e304e9640f9661832428bdc15f0
SHA1

3de5ea13983e9260c6c45fb2c10df414992256d4
SHA256

008f00ab3faae0a08cc6bed2164bee392f36b5bf2b387f56856b573cab42f5de
SHA512

d30762e3928a503012a37e4d3c82fd137bfb2cae41abfbb8e4410aa04025ce6f218d21840eaed5956298ea1d326d5b6a70c2732770b346650cdcd3e14d9865c1
SSDEEP

3072:HaSdR9c1/fuWL0AjMilpCOT+kICtApWFK1WHk25weLcKznxbQFFNj6QU:H7oFuhAwM+kICeseWEEPznxbJ

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  46db3e304e9640f9661832428bdc15f0N.exe
- Size
  
  204KB
- MD5
  
  46db3e304e9640f9661832428bdc15f0
- SHA1
  
  3de5ea13983e9260c6c45fb2c10df414992256d4
- SHA256
  
  008f00ab3faae0a08cc6bed2164bee392f36b5bf2b387f56856b573cab42f5de
- SHA512
  
  d30762e3928a503012a37e4d3c82fd137bfb2cae41abfbb8e4410aa04025ce6f218d21840eaed5956298ea1d326d5b6a70c2732770b346650cdcd3e14d9865c1
- SSDEEP
  
  3072:HaSdR9c1/fuWL0AjMilpCOT+kICtApWFK1WHk25weLcKznxbQFFNj6QU:H7oFuhAwM+kICeseWEEPznxbJ
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence