b0000999f7ec9adb37b631e5640214c5adb0f4c75161c7f36ccb9b3369d5e246 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b0000999f7ec9adb37b631e5640214c5adb0f4c75161c7f36ccb9b3369d5e246
Size

442KB
Sample

221018-s92spagfek
MD5

f427740684bb60564c6f9e5dcdfd9a74
SHA1

05c86aa14435a8c193127a164e7efc58d50923cc
SHA256

b0000999f7ec9adb37b631e5640214c5adb0f4c75161c7f36ccb9b3369d5e246
SHA512

84c585ac113eb223ec742065ce4f4025afc358ae305aef49bb7fa26e84b793313f5bcfe05fa70283f2744af485a59fc3c61a4cea4c7d5ca465b2e91a67ae1a34
SSDEEP

12288:JmRF4LbCbxE9S+9mCFkF+fxQo1HrK73donYYB8nCSpCBcWZWR7Aea:MTxlE9r9mkk82o1HemYY1SpgSR70

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  b0000999f7ec9adb37b631e5640214c5adb0f4c75161c7f36ccb9b3369d5e246
- Size
  
  442KB
- MD5
  
  f427740684bb60564c6f9e5dcdfd9a74
- SHA1
  
  05c86aa14435a8c193127a164e7efc58d50923cc
- SHA256
  
  b0000999f7ec9adb37b631e5640214c5adb0f4c75161c7f36ccb9b3369d5e246
- SHA512
  
  84c585ac113eb223ec742065ce4f4025afc358ae305aef49bb7fa26e84b793313f5bcfe05fa70283f2744af485a59fc3c61a4cea4c7d5ca465b2e91a67ae1a34
- SSDEEP
  
  12288:JmRF4LbCbxE9S+9mCFkF+fxQo1HrK73donYYB8nCSpCBcWZWR7Aea:MTxlE9r9mkk82o1HemYY1SpgSR70
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2