9e96575804f223f3c744806debb47a33b52609dfd963c28b0b5a93c09c8901a1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9e96575804f223f3c744806debb47a33b52609dfd963c28b0b5a93c09c8901a1
Size

72KB
Sample

221030-jej5qaaehq
MD5

92615f4c83d692c21b2992ca9a4adc70
SHA1

d9ddf4a37768cacb35bfcec163fc01eac08a4069
SHA256

9e96575804f223f3c744806debb47a33b52609dfd963c28b0b5a93c09c8901a1
SHA512

fea8b745418357d8e45c25c96a599b7859d315be974281b4c18cfefcbe1664bd1ead2320bf8340c30b3d79d43b1683e31bca633d1d62d3ec286f645c74d69cf4
SSDEEP

768:XTQ+SITmFW5ANGVDU7V8FFY1+2TTJMc3nf1zBmQzTGfmgyqjgUwm:j7ST5Q8q01+6Bnf1zwQVgvjNwm

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  9e96575804f223f3c744806debb47a33b52609dfd963c28b0b5a93c09c8901a1
- Size
  
  72KB
- MD5
  
  92615f4c83d692c21b2992ca9a4adc70
- SHA1
  
  d9ddf4a37768cacb35bfcec163fc01eac08a4069
- SHA256
  
  9e96575804f223f3c744806debb47a33b52609dfd963c28b0b5a93c09c8901a1
- SHA512
  
  fea8b745418357d8e45c25c96a599b7859d315be974281b4c18cfefcbe1664bd1ead2320bf8340c30b3d79d43b1683e31bca633d1d62d3ec286f645c74d69cf4
- SSDEEP
  
  768:XTQ+SITmFW5ANGVDU7V8FFY1+2TTJMc3nf1zBmQzTGfmgyqjgUwm:j7ST5Q8q01+6Bnf1zwQVgvjNwm
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2