7e62dc1ab70b8195bb978e74df7cdc555d87d9793b31adb853e457088402ff41 | Triage

Sharing

General

Target

7e62dc1ab70b8195bb978e74df7cdc555d87d9793b31adb853e457088402ff41
Size

100KB
Sample

221123-m9ltksbd2y
MD5

c0c571112cdab49fd27f5b7379862015
SHA1

53c40e886e7caf31f66d6a6d212f064e36bc26b9
SHA256

7e62dc1ab70b8195bb978e74df7cdc555d87d9793b31adb853e457088402ff41
SHA512

b7b02152d1eca24c06101f49be21e2db2e60b3e4c2f35ce01c334d4ba3a6dcc0005f8bae3c78e78e21d738228551befbd1e473ce5b55a2d3217071f3f5022ed0
SSDEEP

3072:JSefggztX69FH+VYBMQSiwWpfwKf0itHvJ:Jvoca9eiwWpfweTtPJ

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  7e62dc1ab70b8195bb978e74df7cdc555d87d9793b31adb853e457088402ff41
- Size
  
  100KB
- MD5
  
  c0c571112cdab49fd27f5b7379862015
- SHA1
  
  53c40e886e7caf31f66d6a6d212f064e36bc26b9
- SHA256
  
  7e62dc1ab70b8195bb978e74df7cdc555d87d9793b31adb853e457088402ff41
- SHA512
  
  b7b02152d1eca24c06101f49be21e2db2e60b3e4c2f35ce01c334d4ba3a6dcc0005f8bae3c78e78e21d738228551befbd1e473ce5b55a2d3217071f3f5022ed0
- SSDEEP
  
  3072:JSefggztX69FH+VYBMQSiwWpfwKf0itHvJ:Jvoca9eiwWpfweTtPJ
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Checks for any installed AV software in registry
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Security Software Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2