33024a260ea95ec87fc4911f251d181efcaf4adf88579ee27f8f4a9e4ef0023c | Triage

Sharing

General

Target

2ab53c7723292f6e8c86ca6647961d40N.exe
Size

204KB
Sample

240824-ey2fwsvckk
MD5

2ab53c7723292f6e8c86ca6647961d40
SHA1

c84a196ea4296dbee6857af9e68d6fda8accbe25
SHA256

33024a260ea95ec87fc4911f251d181efcaf4adf88579ee27f8f4a9e4ef0023c
SHA512

0eed8c4b00581ed547510bcdd4c5d2a5e6701f4242546799533428bf57b38b77226a0b73208605f5a9c64418a02f419afc3bda06587a04b56d6bb2a936f553db
SSDEEP

3072:C5u7yT4TVbkuRaX1w71jnRkCoyJTarYWbV+HOFxg+z1WxJsqWkoyjOowUVl/TlAQ:CLexkuRaX41xoyJV65gzyZko+uc

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  2ab53c7723292f6e8c86ca6647961d40N.exe
- Size
  
  204KB
- MD5
  
  2ab53c7723292f6e8c86ca6647961d40
- SHA1
  
  c84a196ea4296dbee6857af9e68d6fda8accbe25
- SHA256
  
  33024a260ea95ec87fc4911f251d181efcaf4adf88579ee27f8f4a9e4ef0023c
- SHA512
  
  0eed8c4b00581ed547510bcdd4c5d2a5e6701f4242546799533428bf57b38b77226a0b73208605f5a9c64418a02f419afc3bda06587a04b56d6bb2a936f553db
- SSDEEP
  
  3072:C5u7yT4TVbkuRaX1w71jnRkCoyJTarYWbV+HOFxg+z1WxJsqWkoyjOowUVl/TlAQ:CLexkuRaX41xoyJV65gzyZko+uc
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence