27bbcb849c6fd672625123581a661e62ee17465be0e42757308a859362707e16 | Triage

Sharing

General

Target

8658fe4c7b2264420a8f2538baa66ca0N.exe
Size

150KB
Sample

240915-k8tfxswhpp
MD5

8658fe4c7b2264420a8f2538baa66ca0
SHA1

b59922464557a7b3ffdb962568be27e083d17d40
SHA256

27bbcb849c6fd672625123581a661e62ee17465be0e42757308a859362707e16
SHA512

fa1155c632a76a257d5ad866fd66ff2c7f49d04792daebc457d30a4226c94887bf7b5efe05f13a77b19fdbd47302178ce9c7e071418bcd9f9772a40ac8107077
SSDEEP

3072:buuczBGY3j4nLXhfRf70MCRRb85TFcMo7xQGHMOfAVTzXW:blcEY3iLXXgvRG5TFZoFQaMrHX

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  8658fe4c7b2264420a8f2538baa66ca0N.exe
- Size
  
  150KB
- MD5
  
  8658fe4c7b2264420a8f2538baa66ca0
- SHA1
  
  b59922464557a7b3ffdb962568be27e083d17d40
- SHA256
  
  27bbcb849c6fd672625123581a661e62ee17465be0e42757308a859362707e16
- SHA512
  
  fa1155c632a76a257d5ad866fd66ff2c7f49d04792daebc457d30a4226c94887bf7b5efe05f13a77b19fdbd47302178ce9c7e071418bcd9f9772a40ac8107077
- SSDEEP
  
  3072:buuczBGY3j4nLXhfRf70MCRRb85TFcMo7xQGHMOfAVTzXW:blcEY3iLXXgvRG5TFZoFQaMrHX
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence