55c61d1035c3baf3c2f95b226518ad22befe356548eec0e0b45549b53a305359 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

55c61d1035c3baf3c2f95b226518ad22befe356548eec0e0b45549b53a305359
Size

330KB
Sample

221030-r85yaagaap
MD5

8486d46bb72ad027f5a74138f24a93a0
SHA1

dacac93526809f512498222e0063522f3e6c89ae
SHA256

55c61d1035c3baf3c2f95b226518ad22befe356548eec0e0b45549b53a305359
SHA512

5f68dd3c4dcccef2b85c1ce1052249342f696254395c11d7a0644433efe0c6dbb1213bfef6c6a4c24df4b810eebeabc323a8a917f9f3a9e71946246ec8d58adc
SSDEEP

6144:eZrPQQbo0hcTkRB5RQ2RgkgFndytTnYfZfPehvOH5Wph:8rPo0KTkH5e2YdytjYdPek

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  55c61d1035c3baf3c2f95b226518ad22befe356548eec0e0b45549b53a305359
- Size
  
  330KB
- MD5
  
  8486d46bb72ad027f5a74138f24a93a0
- SHA1
  
  dacac93526809f512498222e0063522f3e6c89ae
- SHA256
  
  55c61d1035c3baf3c2f95b226518ad22befe356548eec0e0b45549b53a305359
- SHA512
  
  5f68dd3c4dcccef2b85c1ce1052249342f696254395c11d7a0644433efe0c6dbb1213bfef6c6a4c24df4b810eebeabc323a8a917f9f3a9e71946246ec8d58adc
- SSDEEP
  
  6144:eZrPQQbo0hcTkRB5RQ2RgkgFndytTnYfZfPehvOH5Wph:8rPo0KTkH5e2YdytjYdPek
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2