24ca0842c3ef2bea9d4e21eee337c47a61c50f5cd12234b27939378f4a00f556 | Triage

Sharing

General

Target

24ca0842c3ef2bea9d4e21eee337c47a61c50f5cd12234b27939378f4a00f556N
Size

4.0MB
Sample

240920-2nqyqsscnh
MD5

c56528d1cbc3c0594026728465910d10
SHA1

057a5624f687222ab06fedcd2db743df586f2b47
SHA256

24ca0842c3ef2bea9d4e21eee337c47a61c50f5cd12234b27939378f4a00f556
SHA512

894efa7c615a6283daefb106a78beeec11dd1b0dff1f0512b34c2fd73a76c21f8b918770817c978cde66c85fa47a848b1304a33e3e706f70e41ab425cd61f840
SSDEEP

98304:ZviM3gc0rOY/icq6uquyPpV2o/vZVBdI7icuqrxAkgj6:pac0rOY/ifqHhVBvZbhdq2kP

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  24ca0842c3ef2bea9d4e21eee337c47a61c50f5cd12234b27939378f4a00f556N
- Size
  
  4.0MB
- MD5
  
  c56528d1cbc3c0594026728465910d10
- SHA1
  
  057a5624f687222ab06fedcd2db743df586f2b47
- SHA256
  
  24ca0842c3ef2bea9d4e21eee337c47a61c50f5cd12234b27939378f4a00f556
- SHA512
  
  894efa7c615a6283daefb106a78beeec11dd1b0dff1f0512b34c2fd73a76c21f8b918770817c978cde66c85fa47a848b1304a33e3e706f70e41ab425cd61f840
- SSDEEP
  
  98304:ZviM3gc0rOY/icq6uquyPpV2o/vZVBdI7icuqrxAkgj6:pac0rOY/ifqHhVBvZbhdq2kP
Score

10^/10

persistence discovery
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence