1dd34fcc7b4638d08032f95c347b68e14ab962c7ba5731efbe570a9006986203 | Triage

Sharing

General

Target

1dd34fcc7b4638d08032f95c347b68e14ab962c7ba5731efbe570a9006986203
Size

324KB
Sample

221029-yqgajadeer
MD5

838ab1d4f875381816700504419e6892
SHA1

c0a929192ef15cb4748b046871de2133a1e9fd27
SHA256

1dd34fcc7b4638d08032f95c347b68e14ab962c7ba5731efbe570a9006986203
SHA512

688d624f55a49dc18f8cb3989f9e505caceaa47be63c4ee79d673e90c80931853f8a4bf9685c8bfb24067ae456fd0cf3b2326b083fe9d3f6b491811564e5af70
SSDEEP

3072:G1zwLUZh+E5OuCyeUkRkkmBpl1zwLvjpcFa:G1z1Zh/1kRkjpl1zx4

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  1dd34fcc7b4638d08032f95c347b68e14ab962c7ba5731efbe570a9006986203
- Size
  
  324KB
- MD5
  
  838ab1d4f875381816700504419e6892
- SHA1
  
  c0a929192ef15cb4748b046871de2133a1e9fd27
- SHA256
  
  1dd34fcc7b4638d08032f95c347b68e14ab962c7ba5731efbe570a9006986203
- SHA512
  
  688d624f55a49dc18f8cb3989f9e505caceaa47be63c4ee79d673e90c80931853f8a4bf9685c8bfb24067ae456fd0cf3b2326b083fe9d3f6b491811564e5af70
- SSDEEP
  
  3072:G1zwLUZh+E5OuCyeUkRkkmBpl1zwLvjpcFa:G1z1Zh/1kRkjpl1zx4
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2