a589a9654fc45a5c71571e29b56907bc2bbbb5f0f5883c61401c0c3acf553cd0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

da0a1f90b14c6630e0bf84e34917bd60N.exe
Size

1001KB
Sample

240806-xj9g3a1bjc
MD5

da0a1f90b14c6630e0bf84e34917bd60
SHA1

5b017127d3fbc86e215efd86d72aae923b62d5dc
SHA256

a589a9654fc45a5c71571e29b56907bc2bbbb5f0f5883c61401c0c3acf553cd0
SHA512

e7fa94f4b9c77ef2673334e1330fd2e14677cef9a508850d0afd8fe71352fb4c616bea28892a0d59ea86db367680f96f1865ac747504614c40cf9fce1afd7604
SSDEEP

24576:0jfgIU6eTKi/AlEBvZQG25req2ec2MUKVxYzXSK8eCxUZKItHRI:0rvU6c3v5KZDMUmWD1JYQHRI

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  da0a1f90b14c6630e0bf84e34917bd60N.exe
- Size
  
  1001KB
- MD5
  
  da0a1f90b14c6630e0bf84e34917bd60
- SHA1
  
  5b017127d3fbc86e215efd86d72aae923b62d5dc
- SHA256
  
  a589a9654fc45a5c71571e29b56907bc2bbbb5f0f5883c61401c0c3acf553cd0
- SHA512
  
  e7fa94f4b9c77ef2673334e1330fd2e14677cef9a508850d0afd8fe71352fb4c616bea28892a0d59ea86db367680f96f1865ac747504614c40cf9fce1afd7604
- SSDEEP
  
  24576:0jfgIU6eTKi/AlEBvZQG25req2ec2MUKVxYzXSK8eCxUZKItHRI:0rvU6c3v5KZDMUmWD1JYQHRI
Score

10^/10

persistence discovery
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence