eecbb2c575e4a768b6ae681cd682420486d898596b97da4f1810653056363935 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eecbb2c575e4a768b6ae681cd682420486d898596b97da4f1810653056363935
Size

961KB
Sample

221001-1yattshce6
MD5

5c920d2d4b742e61dae2298ac384c96e
SHA1

70b2cb1d32ac767adbf62fc4d246c76046da38ad
SHA256

eecbb2c575e4a768b6ae681cd682420486d898596b97da4f1810653056363935
SHA512

c9371f702ea17e7ea2645123f4cc624429416540eff8c02d2370c6aace75b148986554d745c4152646b789b88df30b88df8d373b155d1f0865f3610ae1742e84
SSDEEP

24576:k7TGvol9e79AP6uTPc8O4Jn7PSfNC0qsR:aqwDOAZLp57qfNCsR

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  eecbb2c575e4a768b6ae681cd682420486d898596b97da4f1810653056363935
- Size
  
  961KB
- MD5
  
  5c920d2d4b742e61dae2298ac384c96e
- SHA1
  
  70b2cb1d32ac767adbf62fc4d246c76046da38ad
- SHA256
  
  eecbb2c575e4a768b6ae681cd682420486d898596b97da4f1810653056363935
- SHA512
  
  c9371f702ea17e7ea2645123f4cc624429416540eff8c02d2370c6aace75b148986554d745c4152646b789b88df30b88df8d373b155d1f0865f3610ae1742e84
- SSDEEP
  
  24576:k7TGvol9e79AP6uTPc8O4Jn7PSfNC0qsR:aqwDOAZLp57qfNCsR
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2