a31dfc873f8a40fb523cc1441bb976ecc836f6ef50e728d17dc97466911b5701 | Triage

Sharing

General

Target

a31dfc873f8a40fb523cc1441bb976ecc836f6ef50e728d17dc97466911b5701
Size

253KB
Sample

221020-j9hkdaddg9
MD5

815a5a5835c022436095f490ee5c2cdd
SHA1

75baecab18d71c4edf4ec808a9ffe0c759af17d5
SHA256

a31dfc873f8a40fb523cc1441bb976ecc836f6ef50e728d17dc97466911b5701
SHA512

b8998e4dcca78a7b33b6a046952c32855d1b5ff8d2cf80feef846ec8dbd9547168f841a7cfaf31c120b899814625097c4a3fd9775868dadd8ad91f9a18a0c30a
SSDEEP

6144:7j89h36jLTfrPXGxxkDal4jZUNesLT91omGSSG4u2WOMNOsPaU7:UyTjOxa0+ZdsLTLGJC2WNYrU7

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  a31dfc873f8a40fb523cc1441bb976ecc836f6ef50e728d17dc97466911b5701
- Size
  
  253KB
- MD5
  
  815a5a5835c022436095f490ee5c2cdd
- SHA1
  
  75baecab18d71c4edf4ec808a9ffe0c759af17d5
- SHA256
  
  a31dfc873f8a40fb523cc1441bb976ecc836f6ef50e728d17dc97466911b5701
- SHA512
  
  b8998e4dcca78a7b33b6a046952c32855d1b5ff8d2cf80feef846ec8dbd9547168f841a7cfaf31c120b899814625097c4a3fd9775868dadd8ad91f9a18a0c30a
- SSDEEP
  
  6144:7j89h36jLTfrPXGxxkDal4jZUNesLT91omGSSG4u2WOMNOsPaU7:UyTjOxa0+ZdsLTLGJC2WNYrU7
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2