f84bc808da0876103066e292ec1cb152728cf8912f11af7aa265e18bbef1823a | Triage

Sharing

General

Target

f84bc808da0876103066e292ec1cb152728cf8912f11af7aa265e18bbef1823a
Size

1.4MB
Sample

221030-wgkv9acef9
MD5

8357871907d4f7de929add00f3851e40
SHA1

2ec5b12790c69899f03dfdcb28c8002a476686ac
SHA256

f84bc808da0876103066e292ec1cb152728cf8912f11af7aa265e18bbef1823a
SHA512

eb77dafd1211d1a4122f59a0e2bc509f92a281cf659b6cc395d161efe7d851dd986984771aa1367f281204c4c71d046697446e15e23067ac425de18812fe0607
SSDEEP

1536:tXTSHQ+AWwXpPhttIf1zwQVgv/qflVkSkwNegiYaZZiOK+ZXhu:tjG4pPhLI1zwLv/2IfwNeginpp

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  f84bc808da0876103066e292ec1cb152728cf8912f11af7aa265e18bbef1823a
- Size
  
  1.4MB
- MD5
  
  8357871907d4f7de929add00f3851e40
- SHA1
  
  2ec5b12790c69899f03dfdcb28c8002a476686ac
- SHA256
  
  f84bc808da0876103066e292ec1cb152728cf8912f11af7aa265e18bbef1823a
- SHA512
  
  eb77dafd1211d1a4122f59a0e2bc509f92a281cf659b6cc395d161efe7d851dd986984771aa1367f281204c4c71d046697446e15e23067ac425de18812fe0607
- SSDEEP
  
  1536:tXTSHQ+AWwXpPhttIf1zwQVgv/qflVkSkwNegiYaZZiOK+ZXhu:tjG4pPhLI1zwLv/2IfwNeginpp
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2