012a25fa2c9445cdf53f52fea286c839c5f2cdeb15baa35ffd4167ea9171deca | Triage

Sharing

General

Target

012a25fa2c9445cdf53f52fea286c839c5f2cdeb15baa35ffd4167ea9171decaN
Size

252KB
Sample

240920-cc8xqsshqe
MD5

e39ce2739dd0c930725f1e5e5e22c030
SHA1

124c024c30c876bc2f4c1055d6f9760ba76cee5b
SHA256

012a25fa2c9445cdf53f52fea286c839c5f2cdeb15baa35ffd4167ea9171deca
SHA512

65285d5dc543b242266ffcfc47ccfd02bb16d71cc79abf6b456fc1896e6f7ec906c6617b4a9177adc16070cf458061b65d162f46f67ecd0efc5adf7203531422
SSDEEP

6144:8Utp0z3+LgGPr3kaFegtrSPwaA+0gIk2Nzzzf7k:v7W3+EGj3kaF/riA+XIk2NzY

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  012a25fa2c9445cdf53f52fea286c839c5f2cdeb15baa35ffd4167ea9171decaN
- Size
  
  252KB
- MD5
  
  e39ce2739dd0c930725f1e5e5e22c030
- SHA1
  
  124c024c30c876bc2f4c1055d6f9760ba76cee5b
- SHA256
  
  012a25fa2c9445cdf53f52fea286c839c5f2cdeb15baa35ffd4167ea9171deca
- SHA512
  
  65285d5dc543b242266ffcfc47ccfd02bb16d71cc79abf6b456fc1896e6f7ec906c6617b4a9177adc16070cf458061b65d162f46f67ecd0efc5adf7203531422
- SSDEEP
  
  6144:8Utp0z3+LgGPr3kaFegtrSPwaA+0gIk2Nzzzf7k:v7W3+EGj3kaF/riA+XIk2NzY
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2