9fe54d0b90ee658ce930a13449d858876ed50debeb7d91d827adbd6c2f20a2ac | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9fe54d0b90ee658ce930a13449d858876ed50debeb7d91d827adbd6c2f20a2ac
Size

61KB
Sample

220919-w71z6acfe7
MD5

8780f8a69819b2421d9e2f7ebda4a8b3
SHA1

ceb4fef853ae93ce4b9048363dd6ce13f8403666
SHA256

9fe54d0b90ee658ce930a13449d858876ed50debeb7d91d827adbd6c2f20a2ac
SHA512

f44917f138bd0cb06743c73ae3a772ebd474d25b9c4808203c29f206ca4343abe490f8b6df922d97c9e5ab84e9c2cee80fff3662adc287c10ac222744ca597e2
SSDEEP

1536:HSJL2dMh2jyc52lkaSx6H08ReW+OrcVmB/tZ:H0YMq15gkaSS08j+DVmBF

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  9fe54d0b90ee658ce930a13449d858876ed50debeb7d91d827adbd6c2f20a2ac
- Size
  
  61KB
- MD5
  
  8780f8a69819b2421d9e2f7ebda4a8b3
- SHA1
  
  ceb4fef853ae93ce4b9048363dd6ce13f8403666
- SHA256
  
  9fe54d0b90ee658ce930a13449d858876ed50debeb7d91d827adbd6c2f20a2ac
- SHA512
  
  f44917f138bd0cb06743c73ae3a772ebd474d25b9c4808203c29f206ca4343abe490f8b6df922d97c9e5ab84e9c2cee80fff3662adc287c10ac222744ca597e2
- SSDEEP
  
  1536:HSJL2dMh2jyc52lkaSx6H08ReW+OrcVmB/tZ:H0YMq15gkaSS08j+DVmBF
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2