cae5cabf623e8eaf6e9f94f5657e5270aea0b8b314a540c31da39d79d0488905 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

45554acb84346de2a627484ed5e74600N
Size

41KB
Sample

240914-xa7xwazanh
MD5

45554acb84346de2a627484ed5e74600
SHA1

955fdc3a37cae760e967f870f97bd1e6026c55d6
SHA256

cae5cabf623e8eaf6e9f94f5657e5270aea0b8b314a540c31da39d79d0488905
SHA512

edf2d879d9b74f0351bd6db970e1dc80267d6c6b058c8c1a20deeed0d96bdd410a58ac111ec8cb69845cfffb7dfe5c34d16ad31bca76fa3b704259bed58d1085
SSDEEP

768:+iZNPp0b5BbrMVUTBv6mkZ8jA7IwnDoSdh:+WNBGBrM6Fv6mkqyok

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  45554acb84346de2a627484ed5e74600N
- Size
  
  41KB
- MD5
  
  45554acb84346de2a627484ed5e74600
- SHA1
  
  955fdc3a37cae760e967f870f97bd1e6026c55d6
- SHA256
  
  cae5cabf623e8eaf6e9f94f5657e5270aea0b8b314a540c31da39d79d0488905
- SHA512
  
  edf2d879d9b74f0351bd6db970e1dc80267d6c6b058c8c1a20deeed0d96bdd410a58ac111ec8cb69845cfffb7dfe5c34d16ad31bca76fa3b704259bed58d1085
- SSDEEP
  
  768:+iZNPp0b5BbrMVUTBv6mkZ8jA7IwnDoSdh:+WNBGBrM6Fv6mkqyok
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Event Triggered Execution

Change Default File Association

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence