02382301e126820b7699087499679013dc8a1e8df00670209970bc80b0d7ea75 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

02382301e126820b7699087499679013dc8a1e8df00670209970bc80b0d7ea75
Size

442KB
Sample

220919-wqwdcafefl
MD5

897c49b2a83524f3993a6421768fbdd0
SHA1

4919437c1555c5d2b9aa0b97efac239f46b93a4a
SHA256

02382301e126820b7699087499679013dc8a1e8df00670209970bc80b0d7ea75
SHA512

388fb0253fdd9c11db5d437b6b6d2f4ffde51bd5d30f853319332369a5a34c7d2f282a53f9d8e3378754d23fbb5d827e7b87b082c5bc2a1bc37f55b1309ee2f4
SSDEEP

12288:BOzBNFC08Za7kUZtLXjdtEc7PaHvHDzwP2g9+:By/Cza7nXBtdyHPDzwP2b

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  02382301e126820b7699087499679013dc8a1e8df00670209970bc80b0d7ea75
- Size
  
  442KB
- MD5
  
  897c49b2a83524f3993a6421768fbdd0
- SHA1
  
  4919437c1555c5d2b9aa0b97efac239f46b93a4a
- SHA256
  
  02382301e126820b7699087499679013dc8a1e8df00670209970bc80b0d7ea75
- SHA512
  
  388fb0253fdd9c11db5d437b6b6d2f4ffde51bd5d30f853319332369a5a34c7d2f282a53f9d8e3378754d23fbb5d827e7b87b082c5bc2a1bc37f55b1309ee2f4
- SSDEEP
  
  12288:BOzBNFC08Za7kUZtLXjdtEc7PaHvHDzwP2g9+:By/Cza7nXBtdyHPDzwP2b
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2