fd7eb529eca8ee273d86e0e3a63ef107d44762cc60b025a024afde181d83f2f7 | Triage

Sharing

General

Target

fd7eb529eca8ee273d86e0e3a63ef107d44762cc60b025a024afde181d83f2f7
Size

104KB
Sample

221020-mjp4bahegp
MD5

963d7ecf5ef9b477d59cd9eee5c0423b
SHA1

7bbdde1a095d45de03304ccbe2433029744eba46
SHA256

fd7eb529eca8ee273d86e0e3a63ef107d44762cc60b025a024afde181d83f2f7
SHA512

bafec8904807a0ad8fd4d5f85247ae8c0f7677a9d269251e68a8a66df622047d85f7fabd0b628dac94f1e625e3d4221fcfae8ad9a88857cd986490f21385b137
SSDEEP

1536:JFYnqiEf5CyXVrL/Yp/uFI9pndBZgWaRhdsRJpT:J8SBnWEFIb5fajipT

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  fd7eb529eca8ee273d86e0e3a63ef107d44762cc60b025a024afde181d83f2f7
- Size
  
  104KB
- MD5
  
  963d7ecf5ef9b477d59cd9eee5c0423b
- SHA1
  
  7bbdde1a095d45de03304ccbe2433029744eba46
- SHA256
  
  fd7eb529eca8ee273d86e0e3a63ef107d44762cc60b025a024afde181d83f2f7
- SHA512
  
  bafec8904807a0ad8fd4d5f85247ae8c0f7677a9d269251e68a8a66df622047d85f7fabd0b628dac94f1e625e3d4221fcfae8ad9a88857cd986490f21385b137
- SSDEEP
  
  1536:JFYnqiEf5CyXVrL/Yp/uFI9pndBZgWaRhdsRJpT:J8SBnWEFIb5fajipT
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2