3ac961d63d89d1f0c093b362cd6ca91ca3b1f7b26adb073f2cf063ac148c9a6d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ac961d63d89d1f0c093b362cd6ca91ca3b1f7b26adb073f2cf063ac148c9a6d
Size

30KB
Sample

221030-jpp4qabbaq
MD5

92d5c5075d1deb8123bad0308b060016
SHA1

98ed791d7089f553e429b82e3672ed90b23211c4
SHA256

3ac961d63d89d1f0c093b362cd6ca91ca3b1f7b26adb073f2cf063ac148c9a6d
SHA512

228206069ab1d73899064f7879a7dcb6c4adfc8e7b62c750a8e2249a41ac48d96b43a1dd110e0d003d5eeab2446dbd8f856d8b8a0698a80f8b81f670816250f9
SSDEEP

768:C9bT2RnDMP36bo2++LC0566eaHXIkWQEY0zsQPN:2T2Zeoo2rLJ9eo4kWQEYBKN

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  3ac961d63d89d1f0c093b362cd6ca91ca3b1f7b26adb073f2cf063ac148c9a6d
- Size
  
  30KB
- MD5
  
  92d5c5075d1deb8123bad0308b060016
- SHA1
  
  98ed791d7089f553e429b82e3672ed90b23211c4
- SHA256
  
  3ac961d63d89d1f0c093b362cd6ca91ca3b1f7b26adb073f2cf063ac148c9a6d
- SHA512
  
  228206069ab1d73899064f7879a7dcb6c4adfc8e7b62c750a8e2249a41ac48d96b43a1dd110e0d003d5eeab2446dbd8f856d8b8a0698a80f8b81f670816250f9
- SSDEEP
  
  768:C9bT2RnDMP36bo2++LC0566eaHXIkWQEY0zsQPN:2T2Zeoo2rLJ9eo4kWQEYBKN
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2