a3c0f849270611b2008a39988691f932ae841a07bce7d8f14516fc9ef8e49ad1 | Triage

Sharing

General

Target

a3c0f849270611b2008a39988691f932ae841a07bce7d8f14516fc9ef8e49ad1
Size

176KB
Sample

221123-lrhhrsca95
MD5

a07e6b68e78e8de04ef53dfcbb42ad09
SHA1

c1e8cf1db7b126dbf09170414e7ce84b99e11f85
SHA256

a3c0f849270611b2008a39988691f932ae841a07bce7d8f14516fc9ef8e49ad1
SHA512

a0328e6ca49b80b37c0f02cebeef4383fd95b0b9f3bd997c18cee3ec2fe6c0d67f5eb2056876462f0d7d30075dd00c39e18288b7244ae5ad4a9991fe769ade1d
SSDEEP

3072:7ofKHb2VlN9ydRo9CTlPgsVG9L4vdyUbW2qFQE4GVpu1Wt:7ofmbEN9BE+WUUvPW2qp4GVp2c

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  a3c0f849270611b2008a39988691f932ae841a07bce7d8f14516fc9ef8e49ad1
- Size
  
  176KB
- MD5
  
  a07e6b68e78e8de04ef53dfcbb42ad09
- SHA1
  
  c1e8cf1db7b126dbf09170414e7ce84b99e11f85
- SHA256
  
  a3c0f849270611b2008a39988691f932ae841a07bce7d8f14516fc9ef8e49ad1
- SHA512
  
  a0328e6ca49b80b37c0f02cebeef4383fd95b0b9f3bd997c18cee3ec2fe6c0d67f5eb2056876462f0d7d30075dd00c39e18288b7244ae5ad4a9991fe769ade1d
- SSDEEP
  
  3072:7ofKHb2VlN9ydRo9CTlPgsVG9L4vdyUbW2qFQE4GVpu1Wt:7ofmbEN9BE+WUUvPW2qp4GVp2c
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2