5c535d678f9a6e3000fd3c372a39ebdbddf4db96733d70560b8b64e09a9715c0 | Triage

Sharing

General

Target

5c535d678f9a6e3000fd3c372a39ebdbddf4db96733d70560b8b64e09a9715c0
Size

556KB
Sample

221003-21yjcabchl
MD5

1088ded335bf379022a11e484d579d70
SHA1

febc2b82fcac95518872a2d4197d9d7c4a475cbb
SHA256

5c535d678f9a6e3000fd3c372a39ebdbddf4db96733d70560b8b64e09a9715c0
SHA512

638fa75b34ba2a487928fde37b8386fd40e454df87ba53ce8343adb0ce8a1eb4a27132412780e4970182acaddd2db16ee8e2ab6e7ea3ee37b23acbf660fe5d90
SSDEEP

12288:UgZdRKaU7z/vGXXrCpTjlPvKqVK7JwLjiASPOHC9Zly:HZdR2znGXbKbVKwLuASxZly

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  5c535d678f9a6e3000fd3c372a39ebdbddf4db96733d70560b8b64e09a9715c0
- Size
  
  556KB
- MD5
  
  1088ded335bf379022a11e484d579d70
- SHA1
  
  febc2b82fcac95518872a2d4197d9d7c4a475cbb
- SHA256
  
  5c535d678f9a6e3000fd3c372a39ebdbddf4db96733d70560b8b64e09a9715c0
- SHA512
  
  638fa75b34ba2a487928fde37b8386fd40e454df87ba53ce8343adb0ce8a1eb4a27132412780e4970182acaddd2db16ee8e2ab6e7ea3ee37b23acbf660fe5d90
- SSDEEP
  
  12288:UgZdRKaU7z/vGXXrCpTjlPvKqVK7JwLjiASPOHC9Zly:HZdR2znGXbKbVKwLuASxZly
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2