ccf371f130681c9c3f884706edf3b8730219256e93cab96780fd1f44901c18fb | Triage

Sharing

General

Target

ccf371f130681c9c3f884706edf3b8730219256e93cab96780fd1f44901c18fb.exe
Size

338KB
Sample

241120-d3a9ts1amn
MD5

8381fa95b5086f2458e312417ef2ad08
SHA1

3715543c229b41966b9676467c2164f3ab1442ad
SHA256

ccf371f130681c9c3f884706edf3b8730219256e93cab96780fd1f44901c18fb
SHA512

aab06d243347348ba2a41201b38ad9c1f2a40aa3b3b496956621d7b81caab451a0136716d6311f6966cbce9f73c70d8898bc65479fad85e88a34e482a49a43d4
SSDEEP

6144:uExz45TS77IQi8Dq+9fXphN2LfjEcYzaWqr57Q7Xwxc4SQjWvvfr:8TS71Dq+pcYWWqtfxvSQj2fr

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ccf371f130681c9c3f884706edf3b8730219256e93cab96780fd1f44901c18fb.exe
- Size
  
  338KB
- MD5
  
  8381fa95b5086f2458e312417ef2ad08
- SHA1
  
  3715543c229b41966b9676467c2164f3ab1442ad
- SHA256
  
  ccf371f130681c9c3f884706edf3b8730219256e93cab96780fd1f44901c18fb
- SHA512
  
  aab06d243347348ba2a41201b38ad9c1f2a40aa3b3b496956621d7b81caab451a0136716d6311f6966cbce9f73c70d8898bc65479fad85e88a34e482a49a43d4
- SSDEEP
  
  6144:uExz45TS77IQi8Dq+9fXphN2LfjEcYzaWqr57Q7Xwxc4SQjWvvfr:8TS71Dq+pcYWWqtfxvSQj2fr
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence