e8b175e84b68158a4fcd7225cecabc5af61f45baf97e7773fff436b5f63fabbd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e8b175e84b68158a4fcd7225cecabc5af61f45baf97e7773fff436b5f63fabbd
Size

212KB
Sample

221029-cjmm3sgcb7
MD5

41633143cc0c60b0dd63666f3e48cf0e
SHA1

31382e5500568f4dc228a12f169065a4cec3a5dc
SHA256

e8b175e84b68158a4fcd7225cecabc5af61f45baf97e7773fff436b5f63fabbd
SHA512

1e17346ce1861eb66926625ba16f0c06a9b8939d6c66ce9696cdf5bfba5becce1c1d37cc9866ac132ecf202d9dc5dedb80684f6adf4bb2395a864a6d66fecff7
SSDEEP

3072:8Cp92OF9j48oGabSYZyG892cfyu1B9MOG7uiVBEjkdYlvgXiTaBHXO/CE0wXg478:8CpB3M8oHK5KuFi7uiVBjdYlYnUf04un

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  e8b175e84b68158a4fcd7225cecabc5af61f45baf97e7773fff436b5f63fabbd
- Size
  
  212KB
- MD5
  
  41633143cc0c60b0dd63666f3e48cf0e
- SHA1
  
  31382e5500568f4dc228a12f169065a4cec3a5dc
- SHA256
  
  e8b175e84b68158a4fcd7225cecabc5af61f45baf97e7773fff436b5f63fabbd
- SHA512
  
  1e17346ce1861eb66926625ba16f0c06a9b8939d6c66ce9696cdf5bfba5becce1c1d37cc9866ac132ecf202d9dc5dedb80684f6adf4bb2395a864a6d66fecff7
- SSDEEP
  
  3072:8Cp92OF9j48oGabSYZyG892cfyu1B9MOG7uiVBEjkdYlvgXiTaBHXO/CE0wXg478:8CpB3M8oHK5KuFi7uiVBjdYlYnUf04un
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2