519eec9de37cbd636e2331b184dded24a9b3726198286061594d1a211d1947cb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

519eec9de37cbd636e2331b184dded24a9b3726198286061594d1a211d1947cb
Size

264KB
Sample

221029-2mgcxaabg9
MD5

83ab4094df38a5130d22890022b928d0
SHA1

f09ed2a274014c4fec572beb18cfe8a878323446
SHA256

519eec9de37cbd636e2331b184dded24a9b3726198286061594d1a211d1947cb
SHA512

c527aa0ab905bb5957e67b47ede7967c725afe2a97d23123a6f6e78426fd6a5b06e5d2164c541337f98b2973e1cf11a92cbcd84c48160e53603c50015ea80723
SSDEEP

6144:0NF1SuuqqTP4d5hoRkwyXbxng8oC3WxM1n0knmES:0X18TOhVfWGtnm

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  519eec9de37cbd636e2331b184dded24a9b3726198286061594d1a211d1947cb
- Size
  
  264KB
- MD5
  
  83ab4094df38a5130d22890022b928d0
- SHA1
  
  f09ed2a274014c4fec572beb18cfe8a878323446
- SHA256
  
  519eec9de37cbd636e2331b184dded24a9b3726198286061594d1a211d1947cb
- SHA512
  
  c527aa0ab905bb5957e67b47ede7967c725afe2a97d23123a6f6e78426fd6a5b06e5d2164c541337f98b2973e1cf11a92cbcd84c48160e53603c50015ea80723
- SSDEEP
  
  6144:0NF1SuuqqTP4d5hoRkwyXbxng8oC3WxM1n0knmES:0X18TOhVfWGtnm
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2