e80aa4d7b4ead644f3e9b9a17a0683ebcb72bc852c6c034fb0ea23a08fa61a44 | Triage

Sharing

General

Target

e80aa4d7b4ead644f3e9b9a17a0683ebcb72bc852c6c034fb0ea23a08fa61a44
Size

224KB
Sample

221004-dr4r1aadh7
MD5

062ca31f5d11475347946477852f9f23
SHA1

81970f88ddf11ee144ba368ec4e44f352e5139fe
SHA256

e80aa4d7b4ead644f3e9b9a17a0683ebcb72bc852c6c034fb0ea23a08fa61a44
SHA512

ec8011f16c5973d1352c8f6b302b3eb6af093a3ab67b9d953a7d4797f43dfcc4dbf89b26ba683e7fa3a349fb4d2b863a37218c9e7904d5e4915e57dc44726b9e
SSDEEP

6144:Io/3Nr7Zjsx8Is2EXbIh0HY2yp2IVVhc0Ru3MtyBb+:Io/9rxUJs2ELIeolc6uqma

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  e80aa4d7b4ead644f3e9b9a17a0683ebcb72bc852c6c034fb0ea23a08fa61a44
- Size
  
  224KB
- MD5
  
  062ca31f5d11475347946477852f9f23
- SHA1
  
  81970f88ddf11ee144ba368ec4e44f352e5139fe
- SHA256
  
  e80aa4d7b4ead644f3e9b9a17a0683ebcb72bc852c6c034fb0ea23a08fa61a44
- SHA512
  
  ec8011f16c5973d1352c8f6b302b3eb6af093a3ab67b9d953a7d4797f43dfcc4dbf89b26ba683e7fa3a349fb4d2b863a37218c9e7904d5e4915e57dc44726b9e
- SSDEEP
  
  6144:Io/3Nr7Zjsx8Is2EXbIh0HY2yp2IVVhc0Ru3MtyBb+:Io/9rxUJs2ELIeolc6uqma
Score

7^/10

persistence
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2