c6fafc9beae62d76ae4b5b92cc20f284d60a2f5c2ab12e7273d0943c02a40156 | Triage

Sharing

General

Target

c6fafc9beae62d76ae4b5b92cc20f284d60a2f5c2ab12e7273d0943c02a40156
Size

762KB
Sample

220919-z56z6sddem
MD5

13b9a4fc0aeb36a8862546b64508c0ed
SHA1

6eb8efd4c47f32c31bec83794caad6dd13a7d858
SHA256

c6fafc9beae62d76ae4b5b92cc20f284d60a2f5c2ab12e7273d0943c02a40156
SHA512

5be6b69059e6b0d55d95e6eb8a5405f8763eb77d523671a7a3cc8108809e2f669f0e52ecbb575cc6670957ca2e83cd66a9fb37ea9f15952a0eaea722a3f8142e
SSDEEP

12288:svehvlTuXb6cK4QJrr186amIWge+RCQdyIMA65xb/T+ZXmwWE43LY/g5B3P:svehvtuXbZKXJrr186amIWgVRFyIMX5b

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  c6fafc9beae62d76ae4b5b92cc20f284d60a2f5c2ab12e7273d0943c02a40156
- Size
  
  762KB
- MD5
  
  13b9a4fc0aeb36a8862546b64508c0ed
- SHA1
  
  6eb8efd4c47f32c31bec83794caad6dd13a7d858
- SHA256
  
  c6fafc9beae62d76ae4b5b92cc20f284d60a2f5c2ab12e7273d0943c02a40156
- SHA512
  
  5be6b69059e6b0d55d95e6eb8a5405f8763eb77d523671a7a3cc8108809e2f669f0e52ecbb575cc6670957ca2e83cd66a9fb37ea9f15952a0eaea722a3f8142e
- SSDEEP
  
  12288:svehvlTuXb6cK4QJrr186amIWge+RCQdyIMA65xb/T+ZXmwWE43LY/g5B3P:svehvtuXbZKXJrr186amIWgVRFyIMX5b
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2