ab5ca00bfd0fff567960f09214e25a530ca96744b69164f3b7f51d0973d4fae6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab5ca00bfd0fff567960f09214e25a530ca96744b69164f3b7f51d0973d4fae6
Size

393KB
Sample

221021-dcwg3shccl
MD5

113ee6cc8ba382d67563a57dbce7a1c0
SHA1

4b45203102757e602dda09b6f332cb9232b79ded
SHA256

ab5ca00bfd0fff567960f09214e25a530ca96744b69164f3b7f51d0973d4fae6
SHA512

b52cbc47963b328e1ef886a7bb9ff65884bb02f58d5f13d43d4e3922a4209ed96fc9cf89749fe4a4952e0fcbbea35a985e798302565a4190b92bbb9c7d24067a
SSDEEP

6144:Z/0qTn9J4LmDuvayK1Gqzma8CnXfCeIDudLCAFbZlS:6qTn9umDuvavHmrCGDgtHS

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  ab5ca00bfd0fff567960f09214e25a530ca96744b69164f3b7f51d0973d4fae6
- Size
  
  393KB
- MD5
  
  113ee6cc8ba382d67563a57dbce7a1c0
- SHA1
  
  4b45203102757e602dda09b6f332cb9232b79ded
- SHA256
  
  ab5ca00bfd0fff567960f09214e25a530ca96744b69164f3b7f51d0973d4fae6
- SHA512
  
  b52cbc47963b328e1ef886a7bb9ff65884bb02f58d5f13d43d4e3922a4209ed96fc9cf89749fe4a4952e0fcbbea35a985e798302565a4190b92bbb9c7d24067a
- SSDEEP
  
  6144:Z/0qTn9J4LmDuvayK1Gqzma8CnXfCeIDudLCAFbZlS:6qTn9umDuvavHmrCGDgtHS
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2