d0af811164d3baeca7fb42738a122098de21776033548cb3427b3e6c8393e05b | Triage

Sharing

General

Target

d0af811164d3baeca7fb42738a122098de21776033548cb3427b3e6c8393e05bN
Size

35KB
Sample

240919-hzvarawgjg
MD5

0a7e419074c0409c9c4e333ba7f2c200
SHA1

bbc2b431c49e84fd75f4fbd9269dc3b06ce123d8
SHA256

d0af811164d3baeca7fb42738a122098de21776033548cb3427b3e6c8393e05b
SHA512

2c474080cc868351584470c4138b18d445431fa4cd9b357ef4ae9b0a757872b5f3047c021756fc114fce7e2b356fc718365241314d35a2619ea7d305abcac35d
SSDEEP

768:m2VJyePxXbLYTSsrUIZ6kyzrLhRNiouDFELVJPG5p5:m2By9QIZgzrlLiomKLVJP

Score

10^/10

discovery evasion persistence

Malware Config

Targets

- Target
  
  d0af811164d3baeca7fb42738a122098de21776033548cb3427b3e6c8393e05bN
- Size
  
  35KB
- MD5
  
  0a7e419074c0409c9c4e333ba7f2c200
- SHA1
  
  bbc2b431c49e84fd75f4fbd9269dc3b06ce123d8
- SHA256
  
  d0af811164d3baeca7fb42738a122098de21776033548cb3427b3e6c8393e05b
- SHA512
  
  2c474080cc868351584470c4138b18d445431fa4cd9b357ef4ae9b0a757872b5f3047c021756fc114fce7e2b356fc718365241314d35a2619ea7d305abcac35d
- SSDEEP
  
  768:m2VJyePxXbLYTSsrUIZ6kyzrLhRNiouDFELVJPG5p5:m2By9QIZgzrlLiomKLVJP
Score

10^/10

discovery evasion persistence
- Modifies WinLogon for persistence
  persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasionpersistence