d6545df09764937463e293d182b6c38de35800be2a942e8e694782fe1e24530a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d6545df09764937463e293d182b6c38de35800be2a942e8e694782fe1e24530a
Size

75KB
Sample

221003-vgpnrsfgc2
MD5

419eb7108ffe7c8f75e1a9a4be706f10
SHA1

dee06d61fda325b84f77798b423095e5e5d70c83
SHA256

d6545df09764937463e293d182b6c38de35800be2a942e8e694782fe1e24530a
SHA512

c91e2da8b28c0f96d7034e9bc1d59742c5399d72319d3f75636d9b68ffdf13770024c8ae90b2d9028d8aa5d70c6ccc9e2961e5af051e5ef23c04d55241432fd1
SSDEEP

1536:AJiiNJ/EgCSAqtl/+RSBl9b74VHiv3rBC9NwJslck:AJiOcg9AqtCSBf34gv3rBCkJcck

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  d6545df09764937463e293d182b6c38de35800be2a942e8e694782fe1e24530a
- Size
  
  75KB
- MD5
  
  419eb7108ffe7c8f75e1a9a4be706f10
- SHA1
  
  dee06d61fda325b84f77798b423095e5e5d70c83
- SHA256
  
  d6545df09764937463e293d182b6c38de35800be2a942e8e694782fe1e24530a
- SHA512
  
  c91e2da8b28c0f96d7034e9bc1d59742c5399d72319d3f75636d9b68ffdf13770024c8ae90b2d9028d8aa5d70c6ccc9e2961e5af051e5ef23c04d55241432fd1
- SSDEEP
  
  1536:AJiiNJ/EgCSAqtl/+RSBl9b74VHiv3rBC9NwJslck:AJiOcg9AqtCSBf34gv3rBCkJcck
Score

10^/10

evasion persistence
- Modifies WinLogon for persistence
  persistence
- Disables RegEdit via registry modification
  evasion
- Disables Task Manager via registry modification
  evasion
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence