51dd4827ec9d1e9b61683310d2c93722eb8123c80934911616e9bffb600d72a7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

51dd4827ec9d1e9b61683310d2c93722eb8123c80934911616e9bffb600d72a7N
Size

1.8MB
Sample

240919-dvhzpsyaqa
MD5

8b1da3a9c896385b53d50442a4f3aeb0
SHA1

5239e92ec183bfe4ca13465b5561f97eec3d30db
SHA256

51dd4827ec9d1e9b61683310d2c93722eb8123c80934911616e9bffb600d72a7
SHA512

4319aca811a0b87103fdba0664aebd907f91aaeb997dd79ef500235ff608a1986feb5efa92553f71acb2a5d4c774c02bf97666724257e6aa01d1aa5175ef3e00
SSDEEP

24576:awJe3wJe3wJejwJe3wJe3wJejwJe3wJe3wJe:ZJegJegJeUJegJegJeUJegJegJe

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  51dd4827ec9d1e9b61683310d2c93722eb8123c80934911616e9bffb600d72a7N
- Size
  
  1.8MB
- MD5
  
  8b1da3a9c896385b53d50442a4f3aeb0
- SHA1
  
  5239e92ec183bfe4ca13465b5561f97eec3d30db
- SHA256
  
  51dd4827ec9d1e9b61683310d2c93722eb8123c80934911616e9bffb600d72a7
- SHA512
  
  4319aca811a0b87103fdba0664aebd907f91aaeb997dd79ef500235ff608a1986feb5efa92553f71acb2a5d4c774c02bf97666724257e6aa01d1aa5175ef3e00
- SSDEEP
  
  24576:awJe3wJe3wJejwJe3wJe3wJejwJe3wJe3wJe:ZJegJegJeUJegJegJeUJegJegJe
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence