3306a361977b320f624497848bc60b59a9c32f71169e0602995ce13f6c7ec10f | Triage

Sharing

General

Target

3306a361977b320f624497848bc60b59a9c32f71169e0602995ce13f6c7ec10f
Size

250KB
Sample

221123-rzx63shh66
MD5

1bb47165d28be158937ae23e097ccc20
SHA1

e2cc477985a228220d9113b09d0948448c2afdac
SHA256

3306a361977b320f624497848bc60b59a9c32f71169e0602995ce13f6c7ec10f
SHA512

0d88e13e1e855893a3179fbe1e21d3dd24850d96a61b7c091ba09372dddfa3d35ee33b89c54b8b2356450386fa07c91510a1f95cb017e580605b79cd9ca02865
SSDEEP

6144:mcjlsubtn6BV+/1PSSggDhBkLq2pjMoyYKRKESBv:riuZ6Bq1aMWqBTSV

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  3306a361977b320f624497848bc60b59a9c32f71169e0602995ce13f6c7ec10f
- Size
  
  250KB
- MD5
  
  1bb47165d28be158937ae23e097ccc20
- SHA1
  
  e2cc477985a228220d9113b09d0948448c2afdac
- SHA256
  
  3306a361977b320f624497848bc60b59a9c32f71169e0602995ce13f6c7ec10f
- SHA512
  
  0d88e13e1e855893a3179fbe1e21d3dd24850d96a61b7c091ba09372dddfa3d35ee33b89c54b8b2356450386fa07c91510a1f95cb017e580605b79cd9ca02865
- SSDEEP
  
  6144:mcjlsubtn6BV+/1PSSggDhBkLq2pjMoyYKRKESBv:riuZ6Bq1aMWqBTSV
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2