57580f96715cd49606206f62f0c8f3ec9bab6966f5ec9680e194b84b095082b2 | Triage

Sharing

General

Target

57580f96715cd49606206f62f0c8f3ec9bab6966f5ec9680e194b84b095082b2
Size

320KB
Sample

221001-zat25aedd5
MD5

75579761df789f0ae3694bc4d25a181c
SHA1

a4b0345d6d27d145c9363fed5de890dbe0002e65
SHA256

57580f96715cd49606206f62f0c8f3ec9bab6966f5ec9680e194b84b095082b2
SHA512

40210376ec651bdfa85894f972169f1fecd05b20dbe3c3446ef1ffb0b6bcd88f5ad81c7c1f1ea422b55d1871dbf0b5216b6814a543b2e5dfd4716c4013a0c5f2
SSDEEP

6144:J57boKipy1nB3WIrgO1tNRVEb/TbcILtD1zlgZPnUhrcJmR9:7qmnBgKRsPcILtpzl8PUhQJmL

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  57580f96715cd49606206f62f0c8f3ec9bab6966f5ec9680e194b84b095082b2
- Size
  
  320KB
- MD5
  
  75579761df789f0ae3694bc4d25a181c
- SHA1
  
  a4b0345d6d27d145c9363fed5de890dbe0002e65
- SHA256
  
  57580f96715cd49606206f62f0c8f3ec9bab6966f5ec9680e194b84b095082b2
- SHA512
  
  40210376ec651bdfa85894f972169f1fecd05b20dbe3c3446ef1ffb0b6bcd88f5ad81c7c1f1ea422b55d1871dbf0b5216b6814a543b2e5dfd4716c4013a0c5f2
- SSDEEP
  
  6144:J57boKipy1nB3WIrgO1tNRVEb/TbcILtD1zlgZPnUhrcJmR9:7qmnBgKRsPcILtpzl8PUhQJmL
Score

7^/10

persistence
- Deletes itself
- Loads dropped DLL
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2