f665b2057b3aae44607c4a5d9ec20695c997122e7adf4d3a60bce0399f7c3481 | Triage

Sharing

General

Target

f665b2057b3aae44607c4a5d9ec20695c997122e7adf4d3a60bce0399f7c3481
Size

624KB
Sample

241120-gjz1matajr
MD5

8e15eb8b9b441de311e5c5e1b0d03eaa
SHA1

c5a468e6bf3470bd5dd36fd14651aa16c02a5d70
SHA256

f665b2057b3aae44607c4a5d9ec20695c997122e7adf4d3a60bce0399f7c3481
SHA512

a681393bf927628b6cc7c3fc719c23f8277427d1726e1ee6120f9f1faa1afa5364106f3054d9b58cf6bd4833c882e86bab5257a472a10a591f1413df401273c5
SSDEEP

12288:6IWN4Y2CAdwp/zsIWN4Y2CAdwp/zsIWN4Y2CAdwp/z:65GYswp/Q5GYswp/Q5GYswp/

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  f665b2057b3aae44607c4a5d9ec20695c997122e7adf4d3a60bce0399f7c3481
- Size
  
  624KB
- MD5
  
  8e15eb8b9b441de311e5c5e1b0d03eaa
- SHA1
  
  c5a468e6bf3470bd5dd36fd14651aa16c02a5d70
- SHA256
  
  f665b2057b3aae44607c4a5d9ec20695c997122e7adf4d3a60bce0399f7c3481
- SHA512
  
  a681393bf927628b6cc7c3fc719c23f8277427d1726e1ee6120f9f1faa1afa5364106f3054d9b58cf6bd4833c882e86bab5257a472a10a591f1413df401273c5
- SSDEEP
  
  12288:6IWN4Y2CAdwp/zsIWN4Y2CAdwp/zsIWN4Y2CAdwp/z:65GYswp/Q5GYswp/Q5GYswp/
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence