6f6f670bd231045847e7fad9a9867118e4ccda92d6171d1fc6ee292cefbe7569 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6f6f670bd231045847e7fad9a9867118e4ccda92d6171d1fc6ee292cefbe7569
Size

2.0MB
Sample

221030-rva6rafcek
MD5

93a19fc57e450f8c322db0cbc54b3e33
SHA1

fb1083f9e17e301140fb914e19eae42ed5f1fafd
SHA256

6f6f670bd231045847e7fad9a9867118e4ccda92d6171d1fc6ee292cefbe7569
SHA512

d68b259380c2c2f4b8a0d0736f097f7f920dea85418d71e8a7b0e33811ddb312ecac86151390effc250926924bf7d71961dc1777e74eb78c993fc6f6d2f31d6c
SSDEEP

49152:54HVc5RhFH8g8Xp5mgjgCitKCnT+LQk9tUNNo+0JOGlv:yA/O4WJ9gTdkN+/Gl

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  6f6f670bd231045847e7fad9a9867118e4ccda92d6171d1fc6ee292cefbe7569
- Size
  
  2.0MB
- MD5
  
  93a19fc57e450f8c322db0cbc54b3e33
- SHA1
  
  fb1083f9e17e301140fb914e19eae42ed5f1fafd
- SHA256
  
  6f6f670bd231045847e7fad9a9867118e4ccda92d6171d1fc6ee292cefbe7569
- SHA512
  
  d68b259380c2c2f4b8a0d0736f097f7f920dea85418d71e8a7b0e33811ddb312ecac86151390effc250926924bf7d71961dc1777e74eb78c993fc6f6d2f31d6c
- SSDEEP
  
  49152:54HVc5RhFH8g8Xp5mgjgCitKCnT+LQk9tUNNo+0JOGlv:yA/O4WJ9gTdkN+/Gl
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2