21ab0c5531e71a8f7ba1f5e09631406c1d5ac18fc77e3096606aa4714f43028d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

21ab0c5531e71a8f7ba1f5e09631406c1d5ac18fc77e3096606aa4714f43028d
Size

966KB
Sample

221002-sb77tadagk
MD5

65051b51aa614ad503547e9b78b4fad0
SHA1

950f7121a71f08ead67ce02a5b0790db79d938c2
SHA256

21ab0c5531e71a8f7ba1f5e09631406c1d5ac18fc77e3096606aa4714f43028d
SHA512

f6387bd55d5ce8687c17aadbf8c8e72264a293756a1a8775acc12bd4a1971291e2670eee1fe89146ca08b0f60fe2470300feb905665d5bc595dbf5d58d52e91f
SSDEEP

12288:i1bmhOnEit36HZC2tBTGgCxE05IuWhUUBWSTu2BySjNYwIKIlCoWp6tBSDH1EcOW:i1bf36HRBTBschtBXlUXPKEA19bqKN

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  21ab0c5531e71a8f7ba1f5e09631406c1d5ac18fc77e3096606aa4714f43028d
- Size
  
  966KB
- MD5
  
  65051b51aa614ad503547e9b78b4fad0
- SHA1
  
  950f7121a71f08ead67ce02a5b0790db79d938c2
- SHA256
  
  21ab0c5531e71a8f7ba1f5e09631406c1d5ac18fc77e3096606aa4714f43028d
- SHA512
  
  f6387bd55d5ce8687c17aadbf8c8e72264a293756a1a8775acc12bd4a1971291e2670eee1fe89146ca08b0f60fe2470300feb905665d5bc595dbf5d58d52e91f
- SSDEEP
  
  12288:i1bmhOnEit36HZC2tBTGgCxE05IuWhUUBWSTu2BySjNYwIKIlCoWp6tBSDH1EcOW:i1bf36HRBTBschtBXlUXPKEA19bqKN
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2