233842fc1f0e03f3d87afcf8628674d51013cdc24fbdda9e800ad332db3ad177 | Triage

Sharing

General

Target

233842fc1f0e03f3d87afcf8628674d51013cdc24fbdda9e800ad332db3ad177
Size

356KB
Sample

240824-y5gvlsyhlm
MD5

c6bf8dce10c797281105f773d87befd9
SHA1

b1c30f800c4b122b380e30f72e3eb4b8814f23a5
SHA256

233842fc1f0e03f3d87afcf8628674d51013cdc24fbdda9e800ad332db3ad177
SHA512

a30b28731f3a265e95e211374c27c629ce591636cf8f765e1aa1f4684d69130e9c5365bb2bcc026e4a79a8f07db90804a2673e0d656c4a215205a16a1f6ae274
SSDEEP

6144:p3EmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9Ei:+mWhND9yJz+b1FcMLmp2ATTSsd

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  233842fc1f0e03f3d87afcf8628674d51013cdc24fbdda9e800ad332db3ad177
- Size
  
  356KB
- MD5
  
  c6bf8dce10c797281105f773d87befd9
- SHA1
  
  b1c30f800c4b122b380e30f72e3eb4b8814f23a5
- SHA256
  
  233842fc1f0e03f3d87afcf8628674d51013cdc24fbdda9e800ad332db3ad177
- SHA512
  
  a30b28731f3a265e95e211374c27c629ce591636cf8f765e1aa1f4684d69130e9c5365bb2bcc026e4a79a8f07db90804a2673e0d656c4a215205a16a1f6ae274
- SSDEEP
  
  6144:p3EmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9Ei:+mWhND9yJz+b1FcMLmp2ATTSsd
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence