c0967c1a26ba6e947627687ea2a2eff2959bc9e88ed6f24c88829218e6cd2819 | Triage

Sharing

General

Target

c0967c1a26ba6e947627687ea2a2eff2959bc9e88ed6f24c88829218e6cd2819
Size

156KB
Sample

221029-1yfebahac7
MD5

84ee3d68ceef4ef39efb170d2664b8e0
SHA1

ee6fe4519cf00284cab5b83fa09b43ca7c63c37c
SHA256

c0967c1a26ba6e947627687ea2a2eff2959bc9e88ed6f24c88829218e6cd2819
SHA512

caf87557fdd45b6105c9ebf09405861f7015209b3ecd32c321ac01e3c50d7c4196536c2fea7ad437348038cea08780b2002effebe555c642c150d3600f8c27f0
SSDEEP

3072:OeBztYPIQSqVTtfpMlk0zuA9AP+UGXUBxw6dXMIReX9BXlN:Oed2wuVTtqlRqyAP+1EBi6d8H

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  c0967c1a26ba6e947627687ea2a2eff2959bc9e88ed6f24c88829218e6cd2819
- Size
  
  156KB
- MD5
  
  84ee3d68ceef4ef39efb170d2664b8e0
- SHA1
  
  ee6fe4519cf00284cab5b83fa09b43ca7c63c37c
- SHA256
  
  c0967c1a26ba6e947627687ea2a2eff2959bc9e88ed6f24c88829218e6cd2819
- SHA512
  
  caf87557fdd45b6105c9ebf09405861f7015209b3ecd32c321ac01e3c50d7c4196536c2fea7ad437348038cea08780b2002effebe555c642c150d3600f8c27f0
- SSDEEP
  
  3072:OeBztYPIQSqVTtfpMlk0zuA9AP+UGXUBxw6dXMIReX9BXlN:Oed2wuVTtqlRqyAP+1EBi6d8H
Score

7^/10

persistence
- Loads dropped DLL
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2