883da88d974765d0b5745dec6df1d192311dee348a0f699935e7cffcc04f89b4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

883da88d974765d0b5745dec6df1d192311dee348a0f699935e7cffcc04f89b4
Size

124KB
Sample

220919-wz2aysgagn
MD5

54b255c54d20de284793c6adc9aa903e
SHA1

8c21b03f061fdf3f3695da43a65af7d87bd7ee23
SHA256

883da88d974765d0b5745dec6df1d192311dee348a0f699935e7cffcc04f89b4
SHA512

199def55324c9e508ee7e95e763d863de298b703abb6ea622fa0626c546f5753966585a66ac28613c5ce4c85d84d5d116ef15888c690fa7e9ac79c857ea925a6
SSDEEP

3072:mVmlUSUbYY/FGmcCJEQj+TNXWFe1/3JSaKtIM11CGhVQ7Dlfo:qmUSBsMYJuHfgn1CGTUdo

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  883da88d974765d0b5745dec6df1d192311dee348a0f699935e7cffcc04f89b4
- Size
  
  124KB
- MD5
  
  54b255c54d20de284793c6adc9aa903e
- SHA1
  
  8c21b03f061fdf3f3695da43a65af7d87bd7ee23
- SHA256
  
  883da88d974765d0b5745dec6df1d192311dee348a0f699935e7cffcc04f89b4
- SHA512
  
  199def55324c9e508ee7e95e763d863de298b703abb6ea622fa0626c546f5753966585a66ac28613c5ce4c85d84d5d116ef15888c690fa7e9ac79c857ea925a6
- SSDEEP
  
  3072:mVmlUSUbYY/FGmcCJEQj+TNXWFe1/3JSaKtIM11CGhVQ7Dlfo:qmUSBsMYJuHfgn1CGTUdo
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2