8fa94bb51113e2a5d2575e317dc86647ff54c730f44334cfecad05317d7998fb | Triage

Sharing

General

Target

8fa94bb51113e2a5d2575e317dc86647ff54c730f44334cfecad05317d7998fb
Size

206KB
Sample

221030-twxggshhc5
MD5

83474b43d264b7f69a0569f19b732c6a
SHA1

275d72ddafa5b8e65d52b0d439fa8ebfb9be6255
SHA256

8fa94bb51113e2a5d2575e317dc86647ff54c730f44334cfecad05317d7998fb
SHA512

267ba76ae75221b220041e0ac66a4a14f4116485f20299f76c36c66c017dcb3b62b0d2cf091b26bf38341f43ffa53dee187a1c0d5c4b45c77b441ab202988df2
SSDEEP

3072:zvEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6un8N:zvEN2U+T6i5LirrllHy4HUcMQY6dN

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  8fa94bb51113e2a5d2575e317dc86647ff54c730f44334cfecad05317d7998fb
- Size
  
  206KB
- MD5
  
  83474b43d264b7f69a0569f19b732c6a
- SHA1
  
  275d72ddafa5b8e65d52b0d439fa8ebfb9be6255
- SHA256
  
  8fa94bb51113e2a5d2575e317dc86647ff54c730f44334cfecad05317d7998fb
- SHA512
  
  267ba76ae75221b220041e0ac66a4a14f4116485f20299f76c36c66c017dcb3b62b0d2cf091b26bf38341f43ffa53dee187a1c0d5c4b45c77b441ab202988df2
- SSDEEP
  
  3072:zvEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6un8N:zvEN2U+T6i5LirrllHy4HUcMQY6dN
Score

10^/10

evasion persistence
- Modifies WinLogon for persistence
  persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Modifies Installed Components in the registry
  persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence