9e659af267dcc9963a207a956ffe80d504531751254d697f5c3a5fefac923f16 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9e659af267dcc9963a207a956ffe80d504531751254d697f5c3a5fefac923f16
Size

343KB
Sample

221011-z5bt2aehck
MD5

6d4e88d2f18a89d7f25a576afaaf70fb
SHA1

dd0be3fc927e19df1c336f0aa1af41906c4e6189
SHA256

9e659af267dcc9963a207a956ffe80d504531751254d697f5c3a5fefac923f16
SHA512

12eca9ef3209406beed8c754ae9754c3d9f903aa8ef548a90943cab59d882ef750b7d93c2c68a137deb2a7681d785a53260c18c7f9deeb0610ce9f4deec604f4
SSDEEP

1536:pf1zwQVggBBFJju8E+lDqxABWMkQw1bB45pjf1zwQVgvFL5+:51zwLQBFJju8E+OA5kQwM5pL1zwLvF

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  9e659af267dcc9963a207a956ffe80d504531751254d697f5c3a5fefac923f16
- Size
  
  343KB
- MD5
  
  6d4e88d2f18a89d7f25a576afaaf70fb
- SHA1
  
  dd0be3fc927e19df1c336f0aa1af41906c4e6189
- SHA256
  
  9e659af267dcc9963a207a956ffe80d504531751254d697f5c3a5fefac923f16
- SHA512
  
  12eca9ef3209406beed8c754ae9754c3d9f903aa8ef548a90943cab59d882ef750b7d93c2c68a137deb2a7681d785a53260c18c7f9deeb0610ce9f4deec604f4
- SSDEEP
  
  1536:pf1zwQVggBBFJju8E+lDqxABWMkQw1bB45pjf1zwQVgvFL5+:51zwLQBFJju8E+OA5kQwM5pL1zwLvF
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2