c0f57bfe8d8a19483cf6e2cbc7dd6bd0cbe15c60aec3ba13bf1da4ba76470c1b | Triage

Resubmissions

22-02-2025 04:36

250222-e77z2axpfy 10

22-02-2025 04:30

250222-e5b5ksymaj 10

22-02-2025 03:57

250222-eh157axrem 10

22-02-2025 03:49

250222-edlvpsxqgl 10

Sharing

General

Target

BootstrapperNew.exe
Size

534KB
Sample

250222-e77z2axpfy
MD5

64fdd7496eddeb222bea9a42fe6ed53d
SHA1

998dcd9b27a2120cc46f0e47d65d29af12944d27
SHA256

c0f57bfe8d8a19483cf6e2cbc7dd6bd0cbe15c60aec3ba13bf1da4ba76470c1b
SHA512

9e7c4401fb3e0cca134087a87b78ba9466182d9678eb6be356edbe52b5337e91dfdf3342b6671092e8215583d425cc696f608cd05d706673be499b928268fe27
SSDEEP

6144:Aa0ScUn4SkuC/Ee0lPYdue6VlWT8b9acd3YduIsan//fnss1OJb50D08I:AxfZ/9axPVle8kssX08I

Score

10^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  BootstrapperNew.exe
- Size
  
  534KB
- MD5
  
  64fdd7496eddeb222bea9a42fe6ed53d
- SHA1
  
  998dcd9b27a2120cc46f0e47d65d29af12944d27
- SHA256
  
  c0f57bfe8d8a19483cf6e2cbc7dd6bd0cbe15c60aec3ba13bf1da4ba76470c1b
- SHA512
  
  9e7c4401fb3e0cca134087a87b78ba9466182d9678eb6be356edbe52b5337e91dfdf3342b6671092e8215583d425cc696f608cd05d706673be499b928268fe27
- SSDEEP
  
  6144:Aa0ScUn4SkuC/Ee0lPYdue6VlWT8b9acd3YduIsan//fnss1OJb50D08I:AxfZ/9axPVle8kssX08I
Score

10^/10

persistence privilege_escalation
- Modifies WinLogon for persistence
  persistence
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Event Triggered Execution

AppInit DLLs

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Event Triggered Execution

AppInit DLLs

Scheduled Task/Job

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation