a6ccdc568fa0e9b7aaae35c90b97c29916664b7450f0a175ca5b285fa546b426 | Triage

Sharing

General

Target

a6ccdc568fa0e9b7aaae35c90b97c29916664b7450f0a175ca5b285fa546b426N
Size

32KB
Sample

240919-ma8t3atfkm
MD5

e3887a49ae12f1a690f940c4979ce510
SHA1

59a668df20d164d49224ac6559bcd919d1dc0c2c
SHA256

a6ccdc568fa0e9b7aaae35c90b97c29916664b7450f0a175ca5b285fa546b426
SHA512

606f2703cf12655b40f19e54104c3e02aba3470c203f8d64fcc28085167033d1aa88bb2931e6b7f66861dc22fbdddfbc616362d84c1df97057c3b6a17ed60f68
SSDEEP

384:2beWu16rYfz9ysnZtHuJaEhD2hqG13STv731otWZZS5jJdRC:21UfZysnZQD28G1CTv7lotW6Xs

Score

10^/10

discovery evasion persistence

Malware Config

Targets

- Target
  
  a6ccdc568fa0e9b7aaae35c90b97c29916664b7450f0a175ca5b285fa546b426N
- Size
  
  32KB
- MD5
  
  e3887a49ae12f1a690f940c4979ce510
- SHA1
  
  59a668df20d164d49224ac6559bcd919d1dc0c2c
- SHA256
  
  a6ccdc568fa0e9b7aaae35c90b97c29916664b7450f0a175ca5b285fa546b426
- SHA512
  
  606f2703cf12655b40f19e54104c3e02aba3470c203f8d64fcc28085167033d1aa88bb2931e6b7f66861dc22fbdddfbc616362d84c1df97057c3b6a17ed60f68
- SSDEEP
  
  384:2beWu16rYfz9ysnZtHuJaEhD2hqG13STv731otWZZS5jJdRC:21UfZysnZQD28G1CTv7lotW6Xs
Score

10^/10

discovery evasion persistence
- Modifies WinLogon for persistence
  persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasionpersistence