dd5f35ac47a67687e6185605febe4a0c3443184887cf87b721bc76dc1e8c9525 | Triage

Sharing

General

Target

dd5f35ac47a67687e6185605febe4a0c3443184887cf87b721bc76dc1e8c9525
Size

746KB
Sample

221002-ldfr1shbf5
MD5

6e2666d96a290021040759fbcbeef750
SHA1

3ca7e63b5ecc01d0b7c21edd992b674d11084066
SHA256

dd5f35ac47a67687e6185605febe4a0c3443184887cf87b721bc76dc1e8c9525
SHA512

c20fa259501bc700b46a9d8e4ca3f975d2d3183cef2a17632e98aaabc3e5b9a8eaeb515f22ff27d9415f9c1736579e58dded146a53482a56814b41a9aedae0bd
SSDEEP

12288:5vehvlYuXb6cK4QJrr186amIWge+RCQdyIMA65xb/T+ZXmwWE43LY/g5Bx:5vehviuXbZKXJrr186amIWgVRFyIMX5F

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  dd5f35ac47a67687e6185605febe4a0c3443184887cf87b721bc76dc1e8c9525
- Size
  
  746KB
- MD5
  
  6e2666d96a290021040759fbcbeef750
- SHA1
  
  3ca7e63b5ecc01d0b7c21edd992b674d11084066
- SHA256
  
  dd5f35ac47a67687e6185605febe4a0c3443184887cf87b721bc76dc1e8c9525
- SHA512
  
  c20fa259501bc700b46a9d8e4ca3f975d2d3183cef2a17632e98aaabc3e5b9a8eaeb515f22ff27d9415f9c1736579e58dded146a53482a56814b41a9aedae0bd
- SSDEEP
  
  12288:5vehvlYuXb6cK4QJrr186amIWge+RCQdyIMA65xb/T+ZXmwWE43LY/g5Bx:5vehviuXbZKXJrr186amIWgVRFyIMX5F
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2