471325daa2bc75f50856e93e9de088386556fc3ead653894d5c2a67f2a8b4975 | Triage

Resubmissions

01-07-2020 13:24

200701-3ayryqmz26 10

30-06-2020 05:41

200630-m1a6tbcjt2 10

Sharing

General

Target

data.bin
Size

119KB
Sample

200630-m1a6tbcjt2
MD5

f500854e3cf9556688203a3d869b7d6d
SHA1

281aab2eb26f31cf2255e2f5a467fc5eebda8df8
SHA256

471325daa2bc75f50856e93e9de088386556fc3ead653894d5c2a67f2a8b4975
SHA512

bccb54a68003bde3304dd6824f4bc6a3a5f06995a85bf371b1581fd00e0dc9ff40a1765594b61da9a2cbdf9c0372916a8694af2a66759a534b746981418101d4

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  data.bin
- Size
  
  119KB
- MD5
  
  f500854e3cf9556688203a3d869b7d6d
- SHA1
  
  281aab2eb26f31cf2255e2f5a467fc5eebda8df8
- SHA256
  
  471325daa2bc75f50856e93e9de088386556fc3ead653894d5c2a67f2a8b4975
- SHA512
  
  bccb54a68003bde3304dd6824f4bc6a3a5f06995a85bf371b1581fd00e0dc9ff40a1765594b61da9a2cbdf9c0372916a8694af2a66759a534b746981418101d4
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Enumerates connected drives
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2