f94373994e6317afae212224ddd05ef8cc76bc28c01a413b544d123283e87884 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

91d83e05b7a311df3ec29c81a01a02d0N.exe
Size

244KB
Sample

240806-l2rt7azfrc
MD5

91d83e05b7a311df3ec29c81a01a02d0
SHA1

1ef471727fd107147b3998bdef4869c378e29541
SHA256

f94373994e6317afae212224ddd05ef8cc76bc28c01a413b544d123283e87884
SHA512

af3fefe42415b1efad667f21fbc7cfa205cd0b7fc76606419da6f9d01241c6a1af8d125daa189b9d8acdc65d0fa9f74322e09ea716a2949dec06d1479e288e71
SSDEEP

6144:vEXlSylvFuWaS54hIAv/QhuA7HY8pPZ0FP6BzxM5EmX:QAylvv5YRwh9HYd61xhmX

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  91d83e05b7a311df3ec29c81a01a02d0N.exe
- Size
  
  244KB
- MD5
  
  91d83e05b7a311df3ec29c81a01a02d0
- SHA1
  
  1ef471727fd107147b3998bdef4869c378e29541
- SHA256
  
  f94373994e6317afae212224ddd05ef8cc76bc28c01a413b544d123283e87884
- SHA512
  
  af3fefe42415b1efad667f21fbc7cfa205cd0b7fc76606419da6f9d01241c6a1af8d125daa189b9d8acdc65d0fa9f74322e09ea716a2949dec06d1479e288e71
- SSDEEP
  
  6144:vEXlSylvFuWaS54hIAv/QhuA7HY8pPZ0FP6BzxM5EmX:QAylvv5YRwh9HYd61xhmX
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence