9070d0547d439d3b40fe9d041cda4a43089098333e61caaffdc26d4f138c5f5f | Triage

Sharing

General

Target

9070d0547d439d3b40fe9d041cda4a43089098333e61caaffdc26d4f138c5f5f.exe
Size

41KB
Sample

241122-khrjmsxndy
MD5

07b36100673d47b1b4c4d4e152683aa3
SHA1

5c9d9457dd414ceda490146565b6841c5d6aa7d1
SHA256

9070d0547d439d3b40fe9d041cda4a43089098333e61caaffdc26d4f138c5f5f
SHA512

e15f7d3ca7bfcd85d6bb51a843126a90cb0e8b4e41d3f5fa5f3d10b98945123b5948a3485688b2ff1a02794f10d99f45aeca6e78092ab449fe974adabc0639dc
SSDEEP

768:+iZNPp0b5BbrMVUTBv6mkZ8jA7IwnDoSdQ:+WNBGBrM6Fv6mkqyod

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  9070d0547d439d3b40fe9d041cda4a43089098333e61caaffdc26d4f138c5f5f.exe
- Size
  
  41KB
- MD5
  
  07b36100673d47b1b4c4d4e152683aa3
- SHA1
  
  5c9d9457dd414ceda490146565b6841c5d6aa7d1
- SHA256
  
  9070d0547d439d3b40fe9d041cda4a43089098333e61caaffdc26d4f138c5f5f
- SHA512
  
  e15f7d3ca7bfcd85d6bb51a843126a90cb0e8b4e41d3f5fa5f3d10b98945123b5948a3485688b2ff1a02794f10d99f45aeca6e78092ab449fe974adabc0639dc
- SSDEEP
  
  768:+iZNPp0b5BbrMVUTBv6mkZ8jA7IwnDoSdQ:+WNBGBrM6Fv6mkqyod
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Event Triggered Execution

Change Default File Association

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence