b5309205ab0cce59c7fd4ac7f44412757ae85b16aa142a4b17aebbcbec5d58fc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b5309205ab0cce59c7fd4ac7f44412757ae85b16aa142a4b17aebbcbec5d58fc
Size

381KB
Sample

221021-eq1vdsbde6
MD5

5aef55ce4fcbcde76c7d9af3f2dd4a76
SHA1

36facb7055f71910261752544d42ee58d928fcfd
SHA256

b5309205ab0cce59c7fd4ac7f44412757ae85b16aa142a4b17aebbcbec5d58fc
SHA512

e3c92ead9ec3af151d447cbda36e30c07babc4b77e7261ae575a9fba652a2b35da41196feb7853e3ef358844863a458cc97f95c40250bf379e10f345b33a9625
SSDEEP

6144:usdFZ3ehv1zY4ZDTUSx6dp8hGuK4QfhrrNX8XKfVMddB07PNr+WBueJJqY:7vehvlYuXb6cK4QJrr186amIWge+Y

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  b5309205ab0cce59c7fd4ac7f44412757ae85b16aa142a4b17aebbcbec5d58fc
- Size
  
  381KB
- MD5
  
  5aef55ce4fcbcde76c7d9af3f2dd4a76
- SHA1
  
  36facb7055f71910261752544d42ee58d928fcfd
- SHA256
  
  b5309205ab0cce59c7fd4ac7f44412757ae85b16aa142a4b17aebbcbec5d58fc
- SHA512
  
  e3c92ead9ec3af151d447cbda36e30c07babc4b77e7261ae575a9fba652a2b35da41196feb7853e3ef358844863a458cc97f95c40250bf379e10f345b33a9625
- SSDEEP
  
  6144:usdFZ3ehv1zY4ZDTUSx6dp8hGuK4QfhrrNX8XKfVMddB07PNr+WBueJJqY:7vehvlYuXb6cK4QJrr186amIWge+Y
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2