2950cbee6c343e8640e1c0cfc4ea6dcec773f36ee365a19e4758aa4beed05118 | Triage

Sharing

General

Target

2950cbee6c343e8640e1c0cfc4ea6dcec773f36ee365a19e4758aa4beed05118
Size

205KB
Sample

221123-lrjqtsfe3y
MD5

5606221828ac5cf18128132f9c24c312
SHA1

e13a6c52a29337fe209bec43360cca9ef32288d8
SHA256

2950cbee6c343e8640e1c0cfc4ea6dcec773f36ee365a19e4758aa4beed05118
SHA512

b612ec04672cc2edf247958b6a032f7d43b0ec020696c4ebc3f92ab856413aee46c5a48a68d02ba28a44d834b9d340e0499c1f91fd4603056974fcf478955670
SSDEEP

3072:7ofKHb2VlNTmV4/ORoRkU9wLZWbzsPH90t7lye7/ASWYBncS:7ofmbENTma/OlLZWbTEqncS

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  2950cbee6c343e8640e1c0cfc4ea6dcec773f36ee365a19e4758aa4beed05118
- Size
  
  205KB
- MD5
  
  5606221828ac5cf18128132f9c24c312
- SHA1
  
  e13a6c52a29337fe209bec43360cca9ef32288d8
- SHA256
  
  2950cbee6c343e8640e1c0cfc4ea6dcec773f36ee365a19e4758aa4beed05118
- SHA512
  
  b612ec04672cc2edf247958b6a032f7d43b0ec020696c4ebc3f92ab856413aee46c5a48a68d02ba28a44d834b9d340e0499c1f91fd4603056974fcf478955670
- SSDEEP
  
  3072:7ofKHb2VlNTmV4/ORoRkU9wLZWbzsPH90t7lye7/ASWYBncS:7ofmbENTma/OlLZWbTEqncS
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2