df7d480a19c017a54562284c95f49b4f2b23fb30578cc12b4a12eeb54b28e8c5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

df7d480a19c017a54562284c95f49b4f2b23fb30578cc12b4a12eeb54b28e8c5
Size

226KB
Sample

221002-sfgknabgb2
MD5

6ebbaa20ea5b959b43ea3fe5c457933f
SHA1

05ad68b175c1a7e9afe21af53daddda5bd7d8b6c
SHA256

df7d480a19c017a54562284c95f49b4f2b23fb30578cc12b4a12eeb54b28e8c5
SHA512

a179d662ccc1eac23ff0590ef65bb546e299dee6efff83daaecca9c476c899aff65e3ac5911e05f3140a3601b9326a0193c3c769da00ce28116bf535a84ddc10
SSDEEP

6144:aFtDCIAtqHbPxhlV1PUF3HPFY2iEUS6kegd/:uteD0HbphlV1PmPFY2iEUSvjd/

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  df7d480a19c017a54562284c95f49b4f2b23fb30578cc12b4a12eeb54b28e8c5
- Size
  
  226KB
- MD5
  
  6ebbaa20ea5b959b43ea3fe5c457933f
- SHA1
  
  05ad68b175c1a7e9afe21af53daddda5bd7d8b6c
- SHA256
  
  df7d480a19c017a54562284c95f49b4f2b23fb30578cc12b4a12eeb54b28e8c5
- SHA512
  
  a179d662ccc1eac23ff0590ef65bb546e299dee6efff83daaecca9c476c899aff65e3ac5911e05f3140a3601b9326a0193c3c769da00ce28116bf535a84ddc10
- SSDEEP
  
  6144:aFtDCIAtqHbPxhlV1PUF3HPFY2iEUS6kegd/:uteD0HbphlV1PmPFY2iEUSvjd/
Score

7^/10

persistence
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2