12f1371f62eaee96d39e7018699dadda57824ae6bbe53bf9e8410f6a2f4d01c0 | Triage

Sharing

General

Target

22a16aac778046db0211063baf087f01
Size

174KB
Sample

221026-brndxaedem
MD5

5037cf677340a7851bc1e141f0a5a23d
SHA1

c2db62a2137bcc5cf79e4fdc43e45dd21b8489c0
SHA256

12f1371f62eaee96d39e7018699dadda57824ae6bbe53bf9e8410f6a2f4d01c0
SHA512

8c7c05901840c313d375a2438d0b19af66aa4b9014ca66e3cd37e102a29d0355350b5a5e79caec4c370ad3ce0391c5e8644767a80a78cef8c4d529d638561394
SSDEEP

3072:wUuwq2mVdVQL9h02xE9dK0BPhgj5p12foTkc4ZoDDm/I8wI7RK4RL5NQV/31B:kwedmv02xaBw3Tk3KDgI8L1K4QV/FB

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  8e9b0007d2d7be49ea53bee869c3ef8b120b25fa92fef4d4b85cb9ed002a4fc2
- Size
  
  368KB
- MD5
  
  22a16aac778046db0211063baf087f01
- SHA1
  
  b4b956ed95e827e0f3fa6fb41e339119660121d1
- SHA256
  
  8e9b0007d2d7be49ea53bee869c3ef8b120b25fa92fef4d4b85cb9ed002a4fc2
- SHA512
  
  8b45b35b593fffda272d361e5f5e1a2c413157e47055de18d3a5a4fc12952e6ffee5419159efb7653373aa7360277034f951ab39a8725c16815ea0ca8e6b281c
- SSDEEP
  
  6144:T3EmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9Ei/:gmWhND9yJz+b1FcMLmp2ATTSsd/
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2