b06cce27881341de91512a649f4f2da4cdaa39564908471cf1b7da0bfd86a185 | Triage

Sharing

General

Target

b06cce27881341de91512a649f4f2da4cdaa39564908471cf1b7da0bfd86a185
Size

206KB
Sample

250120-lbnd3ssle1
MD5

3bf56052df462205e89848e43c3559c1
SHA1

4b978e84f56aa44f440c0d695feff37ec459d5db
SHA256

b06cce27881341de91512a649f4f2da4cdaa39564908471cf1b7da0bfd86a185
SHA512

16a80876666a9d131c55de2180b695bf0afa33a3eb44394ffd189e3e9ec774ed27aa9d9ff292bf8468a3c82f009ce680d3e6beef7c625e58e2c8e0215e96da12
SSDEEP

3072:zvEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6unNWMWMWMWMWMWMWMWMWMWMWZ:zvEN2U+T6i5LirrllHy4HUcMQY6j

Score

10^/10

discovery evasion persistence

Malware Config

Targets

- Target
  
  b06cce27881341de91512a649f4f2da4cdaa39564908471cf1b7da0bfd86a185
- Size
  
  206KB
- MD5
  
  3bf56052df462205e89848e43c3559c1
- SHA1
  
  4b978e84f56aa44f440c0d695feff37ec459d5db
- SHA256
  
  b06cce27881341de91512a649f4f2da4cdaa39564908471cf1b7da0bfd86a185
- SHA512
  
  16a80876666a9d131c55de2180b695bf0afa33a3eb44394ffd189e3e9ec774ed27aa9d9ff292bf8468a3c82f009ce680d3e6beef7c625e58e2c8e0215e96da12
- SSDEEP
  
  3072:zvEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6unNWMWMWMWMWMWMWMWMWMWMWZ:zvEN2U+T6i5LirrllHy4HUcMQY6j
Score

10^/10

discovery evasion persistence
- Modifies WinLogon for persistence
  persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

discoveryevasionpersistence