bcfb529191320c9c9134c5be0858ae88c13127ca0d4c270904ca1bd2b1298085 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bcfb529191320c9c9134c5be0858ae88c13127ca0d4c270904ca1bd2b1298085
Size

232KB
Sample

220919-z3pm4shgg4
MD5

90471aeffffa9dcdbb557b8bf045a1e9
SHA1

53d04d87cf1c4724b654ee0f42ce6fcc4c3f1790
SHA256

bcfb529191320c9c9134c5be0858ae88c13127ca0d4c270904ca1bd2b1298085
SHA512

4fff1d4122e0eb89e16eec5fe6e4456a7aef650c157eb05f4f1add4fa70e6dd6251eeb41662e59439a158af85cc17c7a312bc04e5a696444a3c8e1e8997163a4
SSDEEP

1536:skf1zwQVgIxdWlzlTVCctm0+FdUM6+LApdCf1zwQVgvmVId:sk1zwLInWlJVCUm3dUMKpdq1zwLvm

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  bcfb529191320c9c9134c5be0858ae88c13127ca0d4c270904ca1bd2b1298085
- Size
  
  232KB
- MD5
  
  90471aeffffa9dcdbb557b8bf045a1e9
- SHA1
  
  53d04d87cf1c4724b654ee0f42ce6fcc4c3f1790
- SHA256
  
  bcfb529191320c9c9134c5be0858ae88c13127ca0d4c270904ca1bd2b1298085
- SHA512
  
  4fff1d4122e0eb89e16eec5fe6e4456a7aef650c157eb05f4f1add4fa70e6dd6251eeb41662e59439a158af85cc17c7a312bc04e5a696444a3c8e1e8997163a4
- SSDEEP
  
  1536:skf1zwQVgIxdWlzlTVCctm0+FdUM6+LApdCf1zwQVgvmVId:sk1zwLInWlJVCUm3dUMKpdq1zwLvm
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2