4ab3bdd85cec7f404a9687ad3a7a677f615812e667a163b4d544781a625a736e | Triage

Sharing

General

Target

4ab3bdd85cec7f404a9687ad3a7a677f615812e667a163b4d544781a625a736e
Size

251KB
Sample

221002-qwnb2aaefm
MD5

6ecd8907359e28c6486ea26e6b614e80
SHA1

4ba78789c9173ec00805c8bd81afcf328bfaa9eb
SHA256

4ab3bdd85cec7f404a9687ad3a7a677f615812e667a163b4d544781a625a736e
SHA512

e674b98d135eeb1193a32fbb206bd63036e03984a3e51ef19bddbb664209d63d2c1d93022c4f1352fd31edbdaa9f9ef026b39ed08dc26e6090cd7b6322b92c38
SSDEEP

6144:pY9eF7vHJNXoJk1LGHHdHaNJLBRITgZl5AHWj3BchNERF:K94jHj+k1LWQNOgZ/jGgL

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  4ab3bdd85cec7f404a9687ad3a7a677f615812e667a163b4d544781a625a736e
- Size
  
  251KB
- MD5
  
  6ecd8907359e28c6486ea26e6b614e80
- SHA1
  
  4ba78789c9173ec00805c8bd81afcf328bfaa9eb
- SHA256
  
  4ab3bdd85cec7f404a9687ad3a7a677f615812e667a163b4d544781a625a736e
- SHA512
  
  e674b98d135eeb1193a32fbb206bd63036e03984a3e51ef19bddbb664209d63d2c1d93022c4f1352fd31edbdaa9f9ef026b39ed08dc26e6090cd7b6322b92c38
- SSDEEP
  
  6144:pY9eF7vHJNXoJk1LGHHdHaNJLBRITgZl5AHWj3BchNERF:K94jHj+k1LWQNOgZ/jGgL
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2