59fee204f8e673c0de5f383dd11cb1ad42e40d8ab0f01636fc2da5e2efe4c034 | Triage

Sharing

General

Target

59fee204f8e673c0de5f383dd11cb1ad42e40d8ab0f01636fc2da5e2efe4c034
Size

68KB
Sample

221011-zpvbfaeaf8
MD5

666bc915f8a4976c40570ee6b6345208
SHA1

db8b988df866ef81edb79afb766f8994b1350d1d
SHA256

59fee204f8e673c0de5f383dd11cb1ad42e40d8ab0f01636fc2da5e2efe4c034
SHA512

b02bd4fff60382698ed5c1e15523887a7458166a98762ab4707377da2b94cb289ef363b885d9021394035211aa721372825c670cc580e8fcb7f33997ae3b3c66
SSDEEP

768:jvuqajF8o8RblqU19JBz/7wdMTpOPDpCsf1zBmQzTGfmgyqw:apM8+l87DpCsf1zwQVgvw

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  59fee204f8e673c0de5f383dd11cb1ad42e40d8ab0f01636fc2da5e2efe4c034
- Size
  
  68KB
- MD5
  
  666bc915f8a4976c40570ee6b6345208
- SHA1
  
  db8b988df866ef81edb79afb766f8994b1350d1d
- SHA256
  
  59fee204f8e673c0de5f383dd11cb1ad42e40d8ab0f01636fc2da5e2efe4c034
- SHA512
  
  b02bd4fff60382698ed5c1e15523887a7458166a98762ab4707377da2b94cb289ef363b885d9021394035211aa721372825c670cc580e8fcb7f33997ae3b3c66
- SSDEEP
  
  768:jvuqajF8o8RblqU19JBz/7wdMTpOPDpCsf1zBmQzTGfmgyqw:apM8+l87DpCsf1zwQVgvw
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2