81c844bec0ac8df8e459baf830491e00f84e448dba2db5b19c1a1742d9ed89c6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

81c844bec0ac8df8e459baf830491e00f84e448dba2db5b19c1a1742d9ed89c6
Size

317KB
Sample

221030-rt82dsfcdq
MD5

a2da7f7f0cac1c15dd4e718c2c049ac0
SHA1

795f9523d0dd06215eda618fbf1477e631614ee4
SHA256

81c844bec0ac8df8e459baf830491e00f84e448dba2db5b19c1a1742d9ed89c6
SHA512

8d6d4da28838ec51fdd48b038767834b88db51f3360d443ffd6c570d200bbf33f7908c50e79899be257e0bf152e6ddf27aef0bb5fe3138d1bdc4a40bdf136c33
SSDEEP

6144:e731bdBaBPExSg9vL8cePXm+o2lBlYK++p0rR+dCGAh4BhE6WWlARXt:01bRSg6h2+o2lBlYN+pUSG8hEdDd

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  81c844bec0ac8df8e459baf830491e00f84e448dba2db5b19c1a1742d9ed89c6
- Size
  
  317KB
- MD5
  
  a2da7f7f0cac1c15dd4e718c2c049ac0
- SHA1
  
  795f9523d0dd06215eda618fbf1477e631614ee4
- SHA256
  
  81c844bec0ac8df8e459baf830491e00f84e448dba2db5b19c1a1742d9ed89c6
- SHA512
  
  8d6d4da28838ec51fdd48b038767834b88db51f3360d443ffd6c570d200bbf33f7908c50e79899be257e0bf152e6ddf27aef0bb5fe3138d1bdc4a40bdf136c33
- SSDEEP
  
  6144:e731bdBaBPExSg9vL8cePXm+o2lBlYK++p0rR+dCGAh4BhE6WWlARXt:01bRSg6h2+o2lBlYN+pUSG8hEdDd
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2