20b2bcd54418d8e51ac698254c571472c14acb69ae32dfaa57135168ec31c3a5 | Triage

Sharing

General

Target

20b2bcd54418d8e51ac698254c571472c14acb69ae32dfaa57135168ec31c3a5
Size

941KB
Sample

221106-mtg6fsgbc2
MD5

10d04c3cece774db117d6f13c1cb9cb2
SHA1

04f842c2e630c5a8e62aee285c651ce271f30c61
SHA256

20b2bcd54418d8e51ac698254c571472c14acb69ae32dfaa57135168ec31c3a5
SHA512

68c8cefa67ccd4dfe75fa759cd2bbdf245b551a4d748a744d0cb7f4fed3b919deb9aef9c8bdf6fbe21aea59c3e40dfa7a2ca152e14e83a84cd05a33124affb49
SSDEEP

24576:51bdHbVtxRdUwqgp5VNoBS/FJHUNRLUD7JLqD5x1g:5fbVtJvPFJqkLqD5jg

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  20b2bcd54418d8e51ac698254c571472c14acb69ae32dfaa57135168ec31c3a5
- Size
  
  941KB
- MD5
  
  10d04c3cece774db117d6f13c1cb9cb2
- SHA1
  
  04f842c2e630c5a8e62aee285c651ce271f30c61
- SHA256
  
  20b2bcd54418d8e51ac698254c571472c14acb69ae32dfaa57135168ec31c3a5
- SHA512
  
  68c8cefa67ccd4dfe75fa759cd2bbdf245b551a4d748a744d0cb7f4fed3b919deb9aef9c8bdf6fbe21aea59c3e40dfa7a2ca152e14e83a84cd05a33124affb49
- SSDEEP
  
  24576:51bdHbVtxRdUwqgp5VNoBS/FJHUNRLUD7JLqD5x1g:5fbVtJvPFJqkLqD5jg
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2