afc6625d58225e668e7369871a5e5ab52232f2fec1e553ee668999c80482368c | Triage

Sharing

General

Target

afc6625d58225e668e7369871a5e5ab52232f2fec1e553ee668999c80482368c
Size

203KB
Sample

240817-eeg8xayeqr
MD5

0657ba734321626a97d1f62507bf35d5
SHA1

a3ff60f16b347cb8320cab38111f4d32449bc3a9
SHA256

afc6625d58225e668e7369871a5e5ab52232f2fec1e553ee668999c80482368c
SHA512

35e409cc7451f9138ad455d6d2e2afe58f3856eb29027caffb9a3a3ce48d8a5e06ff0d80c0310e033697561ebfe03d38e5c453862da630599d9d3d1c896b8468
SSDEEP

6144:uEL1lvsWYuOiMnGNuuF8XcfI2MPO7qhnhF9mD:XnksHxyXcfIRhFE

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  afc6625d58225e668e7369871a5e5ab52232f2fec1e553ee668999c80482368c
- Size
  
  203KB
- MD5
  
  0657ba734321626a97d1f62507bf35d5
- SHA1
  
  a3ff60f16b347cb8320cab38111f4d32449bc3a9
- SHA256
  
  afc6625d58225e668e7369871a5e5ab52232f2fec1e553ee668999c80482368c
- SHA512
  
  35e409cc7451f9138ad455d6d2e2afe58f3856eb29027caffb9a3a3ce48d8a5e06ff0d80c0310e033697561ebfe03d38e5c453862da630599d9d3d1c896b8468
- SSDEEP
  
  6144:uEL1lvsWYuOiMnGNuuF8XcfI2MPO7qhnhF9mD:XnksHxyXcfIRhFE
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence