ab5cdc0493772658a16c99cc7f8af2c1d60cbb1a8f4bd9e5dbe9b99ada86a830 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab5cdc0493772658a16c99cc7f8af2c1d60cbb1a8f4bd9e5dbe9b99ada86a830
Size

201KB
Sample

221019-1v4bzaacg7
MD5

916c3ee6ff923f3649c311c00da1f04d
SHA1

54c68a00dff28730817aaa292552a89eb0432083
SHA256

ab5cdc0493772658a16c99cc7f8af2c1d60cbb1a8f4bd9e5dbe9b99ada86a830
SHA512

135de02808cb87d44a6b602edc99106e17294cafa7df1055844b37e7555cdb6026ad5cca87fe4ef1f1ee72d73dfd4b3ba618656f58cc6baf9cfdf330ff3869ea
SSDEEP

6144:ToGHohfBO/EjvZX+FLwCrRrYSRnWXAojbq:lIhpO/EjhX+frRrRnE9

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  ab5cdc0493772658a16c99cc7f8af2c1d60cbb1a8f4bd9e5dbe9b99ada86a830
- Size
  
  201KB
- MD5
  
  916c3ee6ff923f3649c311c00da1f04d
- SHA1
  
  54c68a00dff28730817aaa292552a89eb0432083
- SHA256
  
  ab5cdc0493772658a16c99cc7f8af2c1d60cbb1a8f4bd9e5dbe9b99ada86a830
- SHA512
  
  135de02808cb87d44a6b602edc99106e17294cafa7df1055844b37e7555cdb6026ad5cca87fe4ef1f1ee72d73dfd4b3ba618656f58cc6baf9cfdf330ff3869ea
- SSDEEP
  
  6144:ToGHohfBO/EjvZX+FLwCrRrYSRnWXAojbq:lIhpO/EjhX+frRrRnE9
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2