7ebdd63a149c2ec54e3fe6240754b077ef337a1acd2d6417e7930a8f669fbc8c | Triage

Sharing

General

Target

7ebdd63a149c2ec54e3fe6240754b077ef337a1acd2d6417e7930a8f669fbc8c
Size

352KB
Sample

221123-lrgapsca89
MD5

d5bd090cb3898aecfbb348743fffe20d
SHA1

8d6428c4eff801988457a870db83de3b229a8f60
SHA256

7ebdd63a149c2ec54e3fe6240754b077ef337a1acd2d6417e7930a8f669fbc8c
SHA512

4f816e1d1a3cb42d052ee1f377e5958270ab18ff7ccc4346217bac32c726a0baba220e5ee870451c03d6a5ed3322189af047807553197806e70f7b5478a34a72
SSDEEP

6144:AawBiN/PMV5MkjpciwSra2zR2wCeKBY7UmDY9kNYDznacD3THP8HGJVXZ7eY7fHN:AfVV5MqaiwSNR2wJKBY7knDDbEHMVXVN

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  7ebdd63a149c2ec54e3fe6240754b077ef337a1acd2d6417e7930a8f669fbc8c
- Size
  
  352KB
- MD5
  
  d5bd090cb3898aecfbb348743fffe20d
- SHA1
  
  8d6428c4eff801988457a870db83de3b229a8f60
- SHA256
  
  7ebdd63a149c2ec54e3fe6240754b077ef337a1acd2d6417e7930a8f669fbc8c
- SHA512
  
  4f816e1d1a3cb42d052ee1f377e5958270ab18ff7ccc4346217bac32c726a0baba220e5ee870451c03d6a5ed3322189af047807553197806e70f7b5478a34a72
- SSDEEP
  
  6144:AawBiN/PMV5MkjpciwSra2zR2wCeKBY7UmDY9kNYDznacD3THP8HGJVXZ7eY7fHN:AfVV5MqaiwSNR2wJKBY7knDDbEHMVXVN
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2