5a7a0d6b58c90e3b96b74b62f92f3c6aaa315e0b6bafb970543efd6be0d15533 | Triage

Sharing

General

Target

5d4caf76172bf812c1260ed98a6029e0N.exe
Size

355KB
Sample

240901-eh1ves1brp
MD5

5d4caf76172bf812c1260ed98a6029e0
SHA1

9a5409e223775a785f47c4bcf278d4f4cb92c65f
SHA256

5a7a0d6b58c90e3b96b74b62f92f3c6aaa315e0b6bafb970543efd6be0d15533
SHA512

2c890da56de989d5a327e1168239dd7d3eef73c4be4d616d27f9015c6a1102a9f73e0f3f26adc09d83cc79b4cd59dfcf878598716e30c72a4b0b967a9e88adf2
SSDEEP

6144:egEmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9Ei:ImWhND9yJz+b1FcMLmp2ATTSsd

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  5d4caf76172bf812c1260ed98a6029e0N.exe
- Size
  
  355KB
- MD5
  
  5d4caf76172bf812c1260ed98a6029e0
- SHA1
  
  9a5409e223775a785f47c4bcf278d4f4cb92c65f
- SHA256
  
  5a7a0d6b58c90e3b96b74b62f92f3c6aaa315e0b6bafb970543efd6be0d15533
- SHA512
  
  2c890da56de989d5a327e1168239dd7d3eef73c4be4d616d27f9015c6a1102a9f73e0f3f26adc09d83cc79b4cd59dfcf878598716e30c72a4b0b967a9e88adf2
- SSDEEP
  
  6144:egEmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9Ei:ImWhND9yJz+b1FcMLmp2ATTSsd
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence