74b33254aa9266c0fc73c5887d0cc929abbbe50bf6453d6aca910a9e8c2b9964 | Triage

Sharing

General

Target

74b33254aa9266c0fc73c5887d0cc929abbbe50bf6453d6aca910a9e8c2b9964
Size

122KB
Sample

221121-lfvnysdb43
MD5

2be5a04b3421f048de7d16638b1b0a11
SHA1

4f74e1c4707e6aa524a0e80b4540586058e53028
SHA256

74b33254aa9266c0fc73c5887d0cc929abbbe50bf6453d6aca910a9e8c2b9964
SHA512

37dc65d168922866287b4e1c14f8eb1eae86e68f0d6ece83ab4c6b38e6e10e6b9481a7d900512247016ce5dcd5e41fe8903f2735daa75907091ffe7be785560d
SSDEEP

3072:iJCD54/JTNWLQx7pMvifuWI9LJdZtg86WkUOwLNoJ:9UAifuWI91r96cryJ

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  74b33254aa9266c0fc73c5887d0cc929abbbe50bf6453d6aca910a9e8c2b9964
- Size
  
  122KB
- MD5
  
  2be5a04b3421f048de7d16638b1b0a11
- SHA1
  
  4f74e1c4707e6aa524a0e80b4540586058e53028
- SHA256
  
  74b33254aa9266c0fc73c5887d0cc929abbbe50bf6453d6aca910a9e8c2b9964
- SHA512
  
  37dc65d168922866287b4e1c14f8eb1eae86e68f0d6ece83ab4c6b38e6e10e6b9481a7d900512247016ce5dcd5e41fe8903f2735daa75907091ffe7be785560d
- SSDEEP
  
  3072:iJCD54/JTNWLQx7pMvifuWI9LJdZtg86WkUOwLNoJ:9UAifuWI91r96cryJ
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2