39b210fec0f5fcd85310aceddb8af919e566f3fb0b249323586c86cdef590d94 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

39b210fec0f5fcd85310aceddb8af919e566f3fb0b249323586c86cdef590d94
Size

355KB
Sample

221018-g31fhaegb2
MD5

391ad1263c4d56ca07e108521c964a35
SHA1

e8d2e7be0d15bdebce794a8db1192350b31f6549
SHA256

39b210fec0f5fcd85310aceddb8af919e566f3fb0b249323586c86cdef590d94
SHA512

32efa674cc9a19f65235d209924b56826b40fc9160a4ad25a09f12c51226fd9e1af1e31ad501addad38ac0b8e2eadd2ea6fa886d7d1441b1c1b6ad5e35758bf2
SSDEEP

6144:T3EmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9EiS:gmWhND9yJz+b1FcMLmp2ATTSsdS

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  39b210fec0f5fcd85310aceddb8af919e566f3fb0b249323586c86cdef590d94
- Size
  
  355KB
- MD5
  
  391ad1263c4d56ca07e108521c964a35
- SHA1
  
  e8d2e7be0d15bdebce794a8db1192350b31f6549
- SHA256
  
  39b210fec0f5fcd85310aceddb8af919e566f3fb0b249323586c86cdef590d94
- SHA512
  
  32efa674cc9a19f65235d209924b56826b40fc9160a4ad25a09f12c51226fd9e1af1e31ad501addad38ac0b8e2eadd2ea6fa886d7d1441b1c1b6ad5e35758bf2
- SSDEEP
  
  6144:T3EmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9EiS:gmWhND9yJz+b1FcMLmp2ATTSsdS
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2