8e0974f102ee4c3ec2dca6e79eeebf896f8c83e6b4d76ba027d23c6a525f14ff | Triage

Sharing

General

Target

8e0974f102ee4c3ec2dca6e79eeebf896f8c83e6b4d76ba027d23c6a525f14ff
Size

110KB
Sample

221011-kyx2csfchm
MD5

682259a576c0f735d61ab44de8990590
SHA1

b75845afda5266cda38e72045e5c47e8bdcbcc0b
SHA256

8e0974f102ee4c3ec2dca6e79eeebf896f8c83e6b4d76ba027d23c6a525f14ff
SHA512

ce36a1f0ec11cdfce878ce158d1bf57d5b8dadee9286d3074612e1d56355ebf35f90c2843609bebde8c951431803742eda912ce41fd12a640ba39e508022c620
SSDEEP

1536:JaiqH1s+kCtrA2UMT0mTFibDKa1Xm46PgGnLwfyhosxT/2Qu7Rv7YsDKRxssd:w1B31bdBob2QXCoQhZT/MlvYd

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  8e0974f102ee4c3ec2dca6e79eeebf896f8c83e6b4d76ba027d23c6a525f14ff
- Size
  
  110KB
- MD5
  
  682259a576c0f735d61ab44de8990590
- SHA1
  
  b75845afda5266cda38e72045e5c47e8bdcbcc0b
- SHA256
  
  8e0974f102ee4c3ec2dca6e79eeebf896f8c83e6b4d76ba027d23c6a525f14ff
- SHA512
  
  ce36a1f0ec11cdfce878ce158d1bf57d5b8dadee9286d3074612e1d56355ebf35f90c2843609bebde8c951431803742eda912ce41fd12a640ba39e508022c620
- SSDEEP
  
  1536:JaiqH1s+kCtrA2UMT0mTFibDKa1Xm46PgGnLwfyhosxT/2Qu7Rv7YsDKRxssd:w1B31bdBob2QXCoQhZT/MlvYd
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2