422ed02db4e9b11e5a3a38553ca4e18e0e28253506aaebb3ab8735159e65e9ff | Triage

Sharing

General

Target

422ed02db4e9b11e5a3a38553ca4e18e0e28253506aaebb3ab8735159e65e9ff
Size

248KB
Sample

221019-21rqsscccr
MD5

91a294043f2a60fa0cd526327bf09e00
SHA1

d7443517a69a81e9e31ecef73393880609ee4801
SHA256

422ed02db4e9b11e5a3a38553ca4e18e0e28253506aaebb3ab8735159e65e9ff
SHA512

1ae4877d6a43f06ef17f2dc30dadcd30e0c183a67be34b5aa75995d4d4a4e66329c07dc7eb8bc043486dcc6b8adba46e089e5a48ba3c2c75271eb593b6567dee
SSDEEP

6144:Dtb8TsWD2MVA8vn6N8jb38SbY4sTYUZuTrGt:DSTsWD2Mm8vb3XbYZ9ZMrGt

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  422ed02db4e9b11e5a3a38553ca4e18e0e28253506aaebb3ab8735159e65e9ff
- Size
  
  248KB
- MD5
  
  91a294043f2a60fa0cd526327bf09e00
- SHA1
  
  d7443517a69a81e9e31ecef73393880609ee4801
- SHA256
  
  422ed02db4e9b11e5a3a38553ca4e18e0e28253506aaebb3ab8735159e65e9ff
- SHA512
  
  1ae4877d6a43f06ef17f2dc30dadcd30e0c183a67be34b5aa75995d4d4a4e66329c07dc7eb8bc043486dcc6b8adba46e089e5a48ba3c2c75271eb593b6567dee
- SSDEEP
  
  6144:Dtb8TsWD2MVA8vn6N8jb38SbY4sTYUZuTrGt:DSTsWD2Mm8vb3XbYZ9ZMrGt
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2