Overview

overview

10

Static

static

7e62dc1ab7...41.exe

windows7-x64

10

7e62dc1ab7...41.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7e62dc1ab70b8195bb978e74df7cdc555d87d9793b31adb853e457088402ff41

  • Size

    100KB

  • Sample

    221123-m9ltksbd2y

  • MD5

    c0c571112cdab49fd27f5b7379862015

  • SHA1

    53c40e886e7caf31f66d6a6d212f064e36bc26b9

  • SHA256

    7e62dc1ab70b8195bb978e74df7cdc555d87d9793b31adb853e457088402ff41

  • SHA512

    b7b02152d1eca24c06101f49be21e2db2e60b3e4c2f35ce01c334d4ba3a6dcc0005f8bae3c78e78e21d738228551befbd1e473ce5b55a2d3217071f3f5022ed0

  • SSDEEP

    3072:JSefggztX69FH+VYBMQSiwWpfwKf0itHvJ:Jvoca9eiwWpfweTtPJ

Score
10/10
persistence

Malware Config

Targets

    • Target

      7e62dc1ab70b8195bb978e74df7cdc555d87d9793b31adb853e457088402ff41

    • Size

      100KB

    • MD5

      c0c571112cdab49fd27f5b7379862015

    • SHA1

      53c40e886e7caf31f66d6a6d212f064e36bc26b9

    • SHA256

      7e62dc1ab70b8195bb978e74df7cdc555d87d9793b31adb853e457088402ff41

    • SHA512

      b7b02152d1eca24c06101f49be21e2db2e60b3e4c2f35ce01c334d4ba3a6dcc0005f8bae3c78e78e21d738228551befbd1e473ce5b55a2d3217071f3f5022ed0

    • SSDEEP

      3072:JSefggztX69FH+VYBMQSiwWpfwKf0itHvJ:Jvoca9eiwWpfweTtPJ

    Score
    10/10
    persistence

    • Modifies WinLogon for persistence

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks for any installed AV software in registry

    • Modifies WinLogon

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

2
T1004

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Security Software Discovery

1
T1063

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks