77e8c924b6917a0ea57316baa27e2b54a7d75a5fa5e480c432b1892a4805e560 | Triage

Sharing

General

Target

77e8c924b6917a0ea57316baa27e2b54a7d75a5fa5e480c432b1892a4805e560
Size

191KB
Sample

220919-dc4hpahbcn
MD5

9db15662892c1aaf71fc639c7310282b
SHA1

b444662434f8debacc9a5b2ff7f05d1247823391
SHA256

77e8c924b6917a0ea57316baa27e2b54a7d75a5fa5e480c432b1892a4805e560
SHA512

02d748fd68122d393f2fa53a3f5073e50cd2d207b78bd3e18e5337b38f7b3acca0d9b73660c935dec4326eeecefc946dc27c9006ca372504910fe9a4de759cb9
SSDEEP

3072:/mEcppEjCTfaAIWSqTlrbPLEF7vmsZxE7hbNbLxX2t1v5IH97UoHop:/mEczfa4NlHTK7xxEFBHxmHRIH+ka

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  77e8c924b6917a0ea57316baa27e2b54a7d75a5fa5e480c432b1892a4805e560
- Size
  
  191KB
- MD5
  
  9db15662892c1aaf71fc639c7310282b
- SHA1
  
  b444662434f8debacc9a5b2ff7f05d1247823391
- SHA256
  
  77e8c924b6917a0ea57316baa27e2b54a7d75a5fa5e480c432b1892a4805e560
- SHA512
  
  02d748fd68122d393f2fa53a3f5073e50cd2d207b78bd3e18e5337b38f7b3acca0d9b73660c935dec4326eeecefc946dc27c9006ca372504910fe9a4de759cb9
- SSDEEP
  
  3072:/mEcppEjCTfaAIWSqTlrbPLEF7vmsZxE7hbNbLxX2t1v5IH97UoHop:/mEczfa4NlHTK7xxEFBHxmHRIH+ka
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2