11f1f956dd55e0f22a2d83bd0ac1c56b165f344aca5b5ec979af3ee05dcda58b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11f1f956dd55e0f22a2d83bd0ac1c56b165f344aca5b5ec979af3ee05dcda58b
Size

83KB
Sample

221106-s1stesbfcq
MD5

0668a22a2faf3c93c7d4a3dd69639c42
SHA1

12c81d2611ee5786dd13a08c24eb42a8395d0233
SHA256

11f1f956dd55e0f22a2d83bd0ac1c56b165f344aca5b5ec979af3ee05dcda58b
SHA512

82875919e75f731728f15466b4aba7f6bba00389a0c1b91aa4e4b958aebf79efdf1004fe53f564714c0caaa2aec2902aaa3eea5b2aab330ca51b0030b894e99d
SSDEEP

1536:Jrz7xaZhyR4Z0IiinPEDO383Xt5aRhdsRJ6:VwZUu8inPEDewzaji6

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  11f1f956dd55e0f22a2d83bd0ac1c56b165f344aca5b5ec979af3ee05dcda58b
- Size
  
  83KB
- MD5
  
  0668a22a2faf3c93c7d4a3dd69639c42
- SHA1
  
  12c81d2611ee5786dd13a08c24eb42a8395d0233
- SHA256
  
  11f1f956dd55e0f22a2d83bd0ac1c56b165f344aca5b5ec979af3ee05dcda58b
- SHA512
  
  82875919e75f731728f15466b4aba7f6bba00389a0c1b91aa4e4b958aebf79efdf1004fe53f564714c0caaa2aec2902aaa3eea5b2aab330ca51b0030b894e99d
- SSDEEP
  
  1536:Jrz7xaZhyR4Z0IiinPEDO383Xt5aRhdsRJ6:VwZUu8inPEDewzaji6
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2