aa8c776ec59e6c777b178a2836c5c20c9cb3e89155b4044c3b96dc1599c3695b | Triage

Sharing

General

Target

aa8c776ec59e6c777b178a2836c5c20c9cb3e89155b4044c3b96dc1599c3695b
Size

110KB
Sample

201011-9aw64pq7d2
MD5

16c9b60c23fb1b6e578f1b2c330a637e
SHA1

8e9f845376867df8cc8675d8a9eaef8fb25d02d0
SHA256

aa8c776ec59e6c777b178a2836c5c20c9cb3e89155b4044c3b96dc1599c3695b
SHA512

53a321eb8ac8de8951a915043eb88459b642f522a59e8fca80814411d7d7505a5585b3b53b4b2f0f391ebe3a573560e7ae5bf148c1e1b0fb4ac9a522ae244520

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  aa8c776ec59e6c777b178a2836c5c20c9cb3e89155b4044c3b96dc1599c3695b
- Size
  
  110KB
- MD5
  
  16c9b60c23fb1b6e578f1b2c330a637e
- SHA1
  
  8e9f845376867df8cc8675d8a9eaef8fb25d02d0
- SHA256
  
  aa8c776ec59e6c777b178a2836c5c20c9cb3e89155b4044c3b96dc1599c3695b
- SHA512
  
  53a321eb8ac8de8951a915043eb88459b642f522a59e8fca80814411d7d7505a5585b3b53b4b2f0f391ebe3a573560e7ae5bf148c1e1b0fb4ac9a522ae244520
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2