e3d7a884100ddada0b7ae3b9b4865b278ce965cc9d5795518c2731778f492997 | Triage

Sharing

General

Target

Client2.exe
Size

561KB
Sample

241121-j2a6bsznht
MD5

aca8507a376976a952a82c43b992da6d
SHA1

7a42870b1f6ff373c1102603d814a1ae03832c6e
SHA256

e3d7a884100ddada0b7ae3b9b4865b278ce965cc9d5795518c2731778f492997
SHA512

f5ed7dca6e51d61c7630649a18db19179afb639da7d0c4cf66954b53641d171ecb587f9b3c61688addbe2ecbd47c06ba74a064b07f1b5785600a353eb67cdf15
SSDEEP

6144:eL/+3efykVMMfe5jIUJWj7vF5PfOwarYtVAM6/Ro6PYwpizdbXPitUF:eLp6kCBxIUJ0rfQMf8/G6ABB0UF

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  Client2.exe
- Size
  
  561KB
- MD5
  
  aca8507a376976a952a82c43b992da6d
- SHA1
  
  7a42870b1f6ff373c1102603d814a1ae03832c6e
- SHA256
  
  e3d7a884100ddada0b7ae3b9b4865b278ce965cc9d5795518c2731778f492997
- SHA512
  
  f5ed7dca6e51d61c7630649a18db19179afb639da7d0c4cf66954b53641d171ecb587f9b3c61688addbe2ecbd47c06ba74a064b07f1b5785600a353eb67cdf15
- SSDEEP
  
  6144:eL/+3efykVMMfe5jIUJWj7vF5PfOwarYtVAM6/Ro6PYwpizdbXPitUF:eLp6kCBxIUJ0rfQMf8/G6ABB0UF
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Scheduled Task/Job

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2