726a480d8f657945dea859b502f5be70087d516109b3dc674d0aea22045a78c1 | Triage

Sharing

General

Target

726a480d8f657945dea859b502f5be70087d516109b3dc674d0aea22045a78c1
Size

338KB
Sample

241017-3fzfkswajr
MD5

1c1a3953f986a78a0cbab8ad355173ca
SHA1

27d7cf26bb775b85343d8d5374bf06000d8a549f
SHA256

726a480d8f657945dea859b502f5be70087d516109b3dc674d0aea22045a78c1
SHA512

48a476ed896206256057d3e7309dd17266202aef76a00544feb0ba5b0950cfa353ae22e93b93ec1ffcc972819c3d7a184e68a2484c25c0e6753a4be8f398c409
SSDEEP

6144:fExz45TS77IQi8Dq+9fXphN2LfjEcYzaWqr57Q7Xwxc4SQjWvvf:VTS71Dq+pcYWWqtfxvSQj2f

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  726a480d8f657945dea859b502f5be70087d516109b3dc674d0aea22045a78c1
- Size
  
  338KB
- MD5
  
  1c1a3953f986a78a0cbab8ad355173ca
- SHA1
  
  27d7cf26bb775b85343d8d5374bf06000d8a549f
- SHA256
  
  726a480d8f657945dea859b502f5be70087d516109b3dc674d0aea22045a78c1
- SHA512
  
  48a476ed896206256057d3e7309dd17266202aef76a00544feb0ba5b0950cfa353ae22e93b93ec1ffcc972819c3d7a184e68a2484c25c0e6753a4be8f398c409
- SSDEEP
  
  6144:fExz45TS77IQi8Dq+9fXphN2LfjEcYzaWqr57Q7Xwxc4SQjWvvf:VTS71Dq+pcYWWqtfxvSQj2f
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence