3d51e015f087904ba05a1bcdbbd6cb7af88772048cbe43b3e1f16f1245c40d41 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3d51e015f087904ba05a1bcdbbd6cb7af88772048cbe43b3e1f16f1245c40d41
Size

67KB
Sample

221011-ky3xlsfdaj
MD5

7d33f997adc640250069b610d7e3ce00
SHA1

17f4e7208d68cec7682f0b70241569c6a43f90db
SHA256

3d51e015f087904ba05a1bcdbbd6cb7af88772048cbe43b3e1f16f1245c40d41
SHA512

1c6b48f63845aceb752319b416c090ac727ead9ddf4d1f187d2fcf9c9f44375689c8a88ecda8c56bcde43a3716133216700fb839f17d255f40c2bde02fbb2749
SSDEEP

1536:JaiqH1s+kCtrA2UMT0mTFibDKa1Xm4dWAuv:w1B31bdBob2QXFW3v

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  3d51e015f087904ba05a1bcdbbd6cb7af88772048cbe43b3e1f16f1245c40d41
- Size
  
  67KB
- MD5
  
  7d33f997adc640250069b610d7e3ce00
- SHA1
  
  17f4e7208d68cec7682f0b70241569c6a43f90db
- SHA256
  
  3d51e015f087904ba05a1bcdbbd6cb7af88772048cbe43b3e1f16f1245c40d41
- SHA512
  
  1c6b48f63845aceb752319b416c090ac727ead9ddf4d1f187d2fcf9c9f44375689c8a88ecda8c56bcde43a3716133216700fb839f17d255f40c2bde02fbb2749
- SSDEEP
  
  1536:JaiqH1s+kCtrA2UMT0mTFibDKa1Xm4dWAuv:w1B31bdBob2QXFW3v
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2