d3a68316c40b257dec4f09f70490a49e18be4dd3a433ece23b2ea896f66085a3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d3a68316c40b257dec4f09f70490a49e18be4dd3a433ece23b2ea896f66085a3
Size

68KB
Sample

220919-xbemqagfan
MD5

1af2f1aa2eb2599ce41bd85eb0309678
SHA1

2f227e95e5e52ae22fd58a4a920992b9f3d6a28d
SHA256

d3a68316c40b257dec4f09f70490a49e18be4dd3a433ece23b2ea896f66085a3
SHA512

43e9a059188e680a7481c0c71f902d2e50014392d878d7569c75a443f7f5e475f0c75ebd4aecb778c244fca03598f0a337f973519c51561a9a404f6a9cb21f1b
SSDEEP

1536:dPLKDuKmrIYjbi8RxlgwB2Coy1+tMmgfKUKZwHGeY7Qz:xuv0I+eoz2CoC+tM/SUM7U

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  d3a68316c40b257dec4f09f70490a49e18be4dd3a433ece23b2ea896f66085a3
- Size
  
  68KB
- MD5
  
  1af2f1aa2eb2599ce41bd85eb0309678
- SHA1
  
  2f227e95e5e52ae22fd58a4a920992b9f3d6a28d
- SHA256
  
  d3a68316c40b257dec4f09f70490a49e18be4dd3a433ece23b2ea896f66085a3
- SHA512
  
  43e9a059188e680a7481c0c71f902d2e50014392d878d7569c75a443f7f5e475f0c75ebd4aecb778c244fca03598f0a337f973519c51561a9a404f6a9cb21f1b
- SSDEEP
  
  1536:dPLKDuKmrIYjbi8RxlgwB2Coy1+tMmgfKUKZwHGeY7Qz:xuv0I+eoz2CoC+tM/SUM7U
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2