7d2e8f5dab4586a438b2360ff399b86ed9d0c72f0324fe21d83dedc0e863304f | Triage

Sharing

General

Target

Client4.exe
Size

532KB
Sample

241122-bfxhfa1lcx
MD5

6d2e4a0fa025c3f4f73ec8d739112492
SHA1

211336573950a59f7e71d25ddef3be6ea74e009a
SHA256

7d2e8f5dab4586a438b2360ff399b86ed9d0c72f0324fe21d83dedc0e863304f
SHA512

894a4f0fdbad0172b64ccbeea91ae544678dd1fa924577b20fe1a7c3d21f53917618fb01464b8c8771343eb73bce49bd7a61bfc1a91ea4931bb9c1754f6d1aff
SSDEEP

6144:k2sShSigjcPMN6H0PbPTOhsfebU8tSOtVmbNMczZWBbw6dJq16HsD:7L5PMN6Hu7OqcntVmbu3JpM

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  Client4.exe
- Size
  
  532KB
- MD5
  
  6d2e4a0fa025c3f4f73ec8d739112492
- SHA1
  
  211336573950a59f7e71d25ddef3be6ea74e009a
- SHA256
  
  7d2e8f5dab4586a438b2360ff399b86ed9d0c72f0324fe21d83dedc0e863304f
- SHA512
  
  894a4f0fdbad0172b64ccbeea91ae544678dd1fa924577b20fe1a7c3d21f53917618fb01464b8c8771343eb73bce49bd7a61bfc1a91ea4931bb9c1754f6d1aff
- SSDEEP
  
  6144:k2sShSigjcPMN6H0PbPTOhsfebU8tSOtVmbNMczZWBbw6dJq16HsD:7L5PMN6Hu7OqcntVmbu3JpM
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Scheduled Task/Job

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2