3b7a5c0c1be015146cd6e783eb67e4241971bfc30ca86bc029e4a52b5412520c | Triage

Sharing

General

Target

3b7a5c0c1be015146cd6e783eb67e4241971bfc30ca86bc029e4a52b5412520cN
Size

1.1MB
Sample

241009-gdgbbsvamm
MD5

c7ac32bb327e08653e872a4e95426a70
SHA1

6f598ffc1871396445cd99e0ea4be092ec607b05
SHA256

3b7a5c0c1be015146cd6e783eb67e4241971bfc30ca86bc029e4a52b5412520c
SHA512

5d116b02d8e8bec004f5262b197c460ee17d2288682e9106e4e2280d665baff9a06c29fbea17486bfac3e460fd10b7a4c03279f0fa1dcbf14f494735a90be326
SSDEEP

24576:ln2Dnmo+BNIdKF7kS1eXgk0yGYQUXjs/lR2AmJJOYArvSvtRGR7:lem9NPF7QgklGHUTs/l0z2vu8

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  3b7a5c0c1be015146cd6e783eb67e4241971bfc30ca86bc029e4a52b5412520cN
- Size
  
  1.1MB
- MD5
  
  c7ac32bb327e08653e872a4e95426a70
- SHA1
  
  6f598ffc1871396445cd99e0ea4be092ec607b05
- SHA256
  
  3b7a5c0c1be015146cd6e783eb67e4241971bfc30ca86bc029e4a52b5412520c
- SHA512
  
  5d116b02d8e8bec004f5262b197c460ee17d2288682e9106e4e2280d665baff9a06c29fbea17486bfac3e460fd10b7a4c03279f0fa1dcbf14f494735a90be326
- SSDEEP
  
  24576:ln2Dnmo+BNIdKF7kS1eXgk0yGYQUXjs/lR2AmJJOYArvSvtRGR7:lem9NPF7QgklGHUTs/l0z2vu8
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence