d219e281769631a2a60ec575f9c2e18591aa240f784a40a399d88ac1cdf03494 | Triage

Sharing

General

Target

d219e281769631a2a60ec575f9c2e18591aa240f784a40a399d88ac1cdf03494
Size

314KB
Sample

221029-nxk7ysfben
MD5

9bce1f3dea515267168b491859b037a6
SHA1

c71a9555c982894e016934eab01da71c6e2d4530
SHA256

d219e281769631a2a60ec575f9c2e18591aa240f784a40a399d88ac1cdf03494
SHA512

966e97e9bdac33bca28a95e4e03fbd4d189daeb54cd577b98dce91536c32edfac7ed2ba599703968523fd8c635f2a1a459a3866e9b3967c6eb5e693eed9f45d2
SSDEEP

6144:A0E11ym+jcV9I+dx/brnEdxHdUemx2rB8ark4xD08X3BoBlaIBpMBM:AlX9+y9ItS+GarJD08nBdaMBM

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  d219e281769631a2a60ec575f9c2e18591aa240f784a40a399d88ac1cdf03494
- Size
  
  314KB
- MD5
  
  9bce1f3dea515267168b491859b037a6
- SHA1
  
  c71a9555c982894e016934eab01da71c6e2d4530
- SHA256
  
  d219e281769631a2a60ec575f9c2e18591aa240f784a40a399d88ac1cdf03494
- SHA512
  
  966e97e9bdac33bca28a95e4e03fbd4d189daeb54cd577b98dce91536c32edfac7ed2ba599703968523fd8c635f2a1a459a3866e9b3967c6eb5e693eed9f45d2
- SSDEEP
  
  6144:A0E11ym+jcV9I+dx/brnEdxHdUemx2rB8ark4xD08X3BoBlaIBpMBM:AlX9+y9ItS+GarJD08nBdaMBM
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2