f9bbf77e5e5fc46024f7b390c67e410cbca1b91a452d384ae95e55444355c2c5 | Triage

Sharing

General

Target

f9bbf77e5e5fc46024f7b390c67e410cbca1b91a452d384ae95e55444355c2c5
Size

1.9MB
Sample

221030-a8bk1aebd2
MD5

9364278e6bcdb525f0a247a05580dde5
SHA1

cb6d265796a1d0089070b9f01104626c1906e868
SHA256

f9bbf77e5e5fc46024f7b390c67e410cbca1b91a452d384ae95e55444355c2c5
SHA512

a01125737459f67eff4db6bfb55259109f88eba0b7154d08c93e4eb427f8107b9ca36cc1106764b9ccb377942a66d9a8df24dd3114fffcbcbafa89aaf7317d87
SSDEEP

6144:BA1zXBuc5fZoBpuZLk8Buc5fZoBpuZLa8Buc5fZoBpA:BAlXBJ5fZJO8BJ5fZJM8BJ5fZ1

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  f9bbf77e5e5fc46024f7b390c67e410cbca1b91a452d384ae95e55444355c2c5
- Size
  
  1.9MB
- MD5
  
  9364278e6bcdb525f0a247a05580dde5
- SHA1
  
  cb6d265796a1d0089070b9f01104626c1906e868
- SHA256
  
  f9bbf77e5e5fc46024f7b390c67e410cbca1b91a452d384ae95e55444355c2c5
- SHA512
  
  a01125737459f67eff4db6bfb55259109f88eba0b7154d08c93e4eb427f8107b9ca36cc1106764b9ccb377942a66d9a8df24dd3114fffcbcbafa89aaf7317d87
- SSDEEP
  
  6144:BA1zXBuc5fZoBpuZLk8Buc5fZoBpuZLa8Buc5fZoBpA:BAlXBJ5fZJO8BJ5fZJM8BJ5fZ1
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2