bbf8e99ea4584ee8ced41e8e1710d20c4606b8dfd3147bf22be1eb5b98d3a8cd | Triage

Sharing

General

Target

bbf8e99ea4584ee8ced41e8e1710d20c4606b8dfd3147bf22be1eb5b98d3a8cd
Size

932KB
Sample

221030-y54z5sacgn
MD5

920740383650dbc975d2e4ddd98a5d45
SHA1

9638258ea6c756c49ecce9be59ce774a4a2733cc
SHA256

bbf8e99ea4584ee8ced41e8e1710d20c4606b8dfd3147bf22be1eb5b98d3a8cd
SHA512

a21eb718160f3085a2798e6520bd194ce17392a3920aa65d3ddd9368eeb38d28a70441190161caba4e2ed7d1687f4eea02683b331462530339b4e55f75f4a7d1
SSDEEP

1536:Fzf1zwQVgWeuYoeHlOYo3qdsEkKhJ0XO+tpiMf1zwQVgvwjw+:Fb1zwLWeuYoetaqnkKhJOtpis1zwLvw

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  bbf8e99ea4584ee8ced41e8e1710d20c4606b8dfd3147bf22be1eb5b98d3a8cd
- Size
  
  932KB
- MD5
  
  920740383650dbc975d2e4ddd98a5d45
- SHA1
  
  9638258ea6c756c49ecce9be59ce774a4a2733cc
- SHA256
  
  bbf8e99ea4584ee8ced41e8e1710d20c4606b8dfd3147bf22be1eb5b98d3a8cd
- SHA512
  
  a21eb718160f3085a2798e6520bd194ce17392a3920aa65d3ddd9368eeb38d28a70441190161caba4e2ed7d1687f4eea02683b331462530339b4e55f75f4a7d1
- SSDEEP
  
  1536:Fzf1zwQVgWeuYoeHlOYo3qdsEkKhJ0XO+tpiMf1zwQVgvwjw+:Fb1zwLWeuYoetaqnkKhJOtpis1zwLvw
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2