77f45b143ed15c3ff755ccb0c83d540442abd21374a93650569fdd270e3f80cc | Triage

Sharing

General

Target

77f45b143ed15c3ff755ccb0c83d540442abd21374a93650569fdd270e3f80cc
Size

435KB
Sample

221003-w92pgabae3
MD5

387050f87fe3ff8dbedf3c097233a710
SHA1

3d060c5c5065e44652a59d405ff4754bc88ba426
SHA256

77f45b143ed15c3ff755ccb0c83d540442abd21374a93650569fdd270e3f80cc
SHA512

645af124b2fcfed670c00ec9ab2a53964077936c32d1df5091310eca9075dc955465257f8b23358792c031e3348a453e7b6a4f3b31d175a4d9e4b98bc785cb56
SSDEEP

3072:TSWVa1rLfhE9vDH8/Wg1kuWZyxOvxQggjbdRYEX+RotB5:fVa1rLhAeKuWZyxOqXjGsL

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  77f45b143ed15c3ff755ccb0c83d540442abd21374a93650569fdd270e3f80cc
- Size
  
  435KB
- MD5
  
  387050f87fe3ff8dbedf3c097233a710
- SHA1
  
  3d060c5c5065e44652a59d405ff4754bc88ba426
- SHA256
  
  77f45b143ed15c3ff755ccb0c83d540442abd21374a93650569fdd270e3f80cc
- SHA512
  
  645af124b2fcfed670c00ec9ab2a53964077936c32d1df5091310eca9075dc955465257f8b23358792c031e3348a453e7b6a4f3b31d175a4d9e4b98bc785cb56
- SSDEEP
  
  3072:TSWVa1rLfhE9vDH8/Wg1kuWZyxOvxQggjbdRYEX+RotB5:fVa1rLhAeKuWZyxOqXjGsL
Score

8^/10

persistence
- Executes dropped EXE
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2