fe72669c64228ea7ca8d14b3035b15c1449f4ea2865e3e00c6ce96095a97fa45 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fe72669c64228ea7ca8d14b3035b15c1449f4ea2865e3e00c6ce96095a97fa45
Size

768KB
Sample

221011-xz1vvsbab4
MD5

75f52358569243d6d9ed6d560ac437e0
SHA1

356cd65a57275c7a9c89b98d75d4b26e5bc61bf8
SHA256

fe72669c64228ea7ca8d14b3035b15c1449f4ea2865e3e00c6ce96095a97fa45
SHA512

8d08802303277745141f494e4a906ac4e77ac7b82d093df1a11b712bb95a4b334993068060f06a548ab2c3431271be36ff02f39a0f4b8a41493c3f2d4d1e7e1c
SSDEEP

12288:51bh0JHDshEsf4SN/e+nGRfTqHeRJQhkvKQ5x0iI8V7MJIJcvwbCw:51bh8KP4a/7FHiQhkvKj22JIJc3w

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  fe72669c64228ea7ca8d14b3035b15c1449f4ea2865e3e00c6ce96095a97fa45
- Size
  
  768KB
- MD5
  
  75f52358569243d6d9ed6d560ac437e0
- SHA1
  
  356cd65a57275c7a9c89b98d75d4b26e5bc61bf8
- SHA256
  
  fe72669c64228ea7ca8d14b3035b15c1449f4ea2865e3e00c6ce96095a97fa45
- SHA512
  
  8d08802303277745141f494e4a906ac4e77ac7b82d093df1a11b712bb95a4b334993068060f06a548ab2c3431271be36ff02f39a0f4b8a41493c3f2d4d1e7e1c
- SSDEEP
  
  12288:51bh0JHDshEsf4SN/e+nGRfTqHeRJQhkvKQ5x0iI8V7MJIJcvwbCw:51bh8KP4a/7FHiQhkvKj22JIJc3w
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2