43e5c3433d77380bbbaf799e182389d289c80e0427332f18fced165221aa5c5d | Triage

Sharing

General

Target

43e5c3433d77380bbbaf799e182389d289c80e0427332f18fced165221aa5c5d.exe
Size

237KB
Sample

241120-ea6eyazdnd
MD5

69466e731fd2ba477db41d11e59c073d
SHA1

696da7333a67e32710415214d1ea985e73fbd481
SHA256

43e5c3433d77380bbbaf799e182389d289c80e0427332f18fced165221aa5c5d
SHA512

6b2a33e01f97e400afa7b5d31f0b1e753b1516c0410e75a2d6f9f445b50ac059c17ed6e73b153a2e89cc764a9dbf6caa7fc7bd05b9e33317772a06c21ad722fd
SSDEEP

6144:FD8okEvTyoZVOgd2QZiw5NLclL5orfQHn:NsjCF2QZiOU+4n

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  43e5c3433d77380bbbaf799e182389d289c80e0427332f18fced165221aa5c5d.exe
- Size
  
  237KB
- MD5
  
  69466e731fd2ba477db41d11e59c073d
- SHA1
  
  696da7333a67e32710415214d1ea985e73fbd481
- SHA256
  
  43e5c3433d77380bbbaf799e182389d289c80e0427332f18fced165221aa5c5d
- SHA512
  
  6b2a33e01f97e400afa7b5d31f0b1e753b1516c0410e75a2d6f9f445b50ac059c17ed6e73b153a2e89cc764a9dbf6caa7fc7bd05b9e33317772a06c21ad722fd
- SSDEEP
  
  6144:FD8okEvTyoZVOgd2QZiw5NLclL5orfQHn:NsjCF2QZiOU+4n
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence