10cd970436cd4eb1a29b0dd9156fe0585ec2902949581cd2f28bdee2d0432776 | Triage

Sharing

General

Target

8a67ddcf0a4507f3880072d7c2d508d0N.exe
Size

355KB
Sample

240814-e6hzhswhlh
MD5

8a67ddcf0a4507f3880072d7c2d508d0
SHA1

9095eca8a11808e7b8d7c5b45620b84411273235
SHA256

10cd970436cd4eb1a29b0dd9156fe0585ec2902949581cd2f28bdee2d0432776
SHA512

6fb896fb8b9163546152c7ece5e0c0a3f57e4da9d0f5b263e5ba2aff0a8dbde5029cfa63965e2a685f4be6f8b59bb1a47fdea6c50f1096ae2ceeadcf48dcbb1f
SSDEEP

6144:1gEmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9Ei:zmWhND9yJz+b1FcMLmp2ATTSsd

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  8a67ddcf0a4507f3880072d7c2d508d0N.exe
- Size
  
  355KB
- MD5
  
  8a67ddcf0a4507f3880072d7c2d508d0
- SHA1
  
  9095eca8a11808e7b8d7c5b45620b84411273235
- SHA256
  
  10cd970436cd4eb1a29b0dd9156fe0585ec2902949581cd2f28bdee2d0432776
- SHA512
  
  6fb896fb8b9163546152c7ece5e0c0a3f57e4da9d0f5b263e5ba2aff0a8dbde5029cfa63965e2a685f4be6f8b59bb1a47fdea6c50f1096ae2ceeadcf48dcbb1f
- SSDEEP
  
  6144:1gEmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9Ei:zmWhND9yJz+b1FcMLmp2ATTSsd
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence