ef24f39a146f193ca4cf6c2e62ca0a42a28f2f87585f38f904070b69418a0f0a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ef24f39a146f193ca4cf6c2e62ca0a42a28f2f87585f38f904070b69418a0f0a
Size

160KB
Sample

221121-vvka7sag87
MD5

21c1a214c5b419b0be4d436ee9018050
SHA1

75932768e31f7dff7447cbd0301222065cb18590
SHA256

ef24f39a146f193ca4cf6c2e62ca0a42a28f2f87585f38f904070b69418a0f0a
SHA512

575b5bea1f5918f2fb13f89038c20c6493e7f3bcba7ab3c1a207f89f843ddbb8be7465a9e1305aeb02df756a3c83ded4382eb087f0cc59ee0a4faa2fb1454d5a
SSDEEP

3072:zUtENadzm8QRVtfj42ZZHwiIjYMytMpDv/4cNB/ni4R4PG6HzK/4LfGKmjTj6Qcp:zUtENadztQRVtr/QTYMy69TPi4WO6HzE

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  ef24f39a146f193ca4cf6c2e62ca0a42a28f2f87585f38f904070b69418a0f0a
- Size
  
  160KB
- MD5
  
  21c1a214c5b419b0be4d436ee9018050
- SHA1
  
  75932768e31f7dff7447cbd0301222065cb18590
- SHA256
  
  ef24f39a146f193ca4cf6c2e62ca0a42a28f2f87585f38f904070b69418a0f0a
- SHA512
  
  575b5bea1f5918f2fb13f89038c20c6493e7f3bcba7ab3c1a207f89f843ddbb8be7465a9e1305aeb02df756a3c83ded4382eb087f0cc59ee0a4faa2fb1454d5a
- SSDEEP
  
  3072:zUtENadzm8QRVtfj42ZZHwiIjYMytMpDv/4cNB/ni4R4PG6HzK/4LfGKmjTj6Qcp:zUtENadztQRVtr/QTYMy69TPi4WO6HzE
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2