90e7e3df524bc3eb7528f3e662811166a850f207d09987e172cfd0c794722e3d | Triage

Sharing

General

Target

90e7e3df524bc3eb7528f3e662811166a850f207d09987e172cfd0c794722e3d
Size

827KB
Sample

221123-sz77qacf84
MD5

492485f2701b7048e8a068035c128eb0
SHA1

1b08c65a54731aec619d923cfbcd50e6227f7c58
SHA256

90e7e3df524bc3eb7528f3e662811166a850f207d09987e172cfd0c794722e3d
SHA512

9feabcaa7c1ec5ab5da5a8572d7af7738ae344a9b7b7bb0fb79ec58f0c51fdb6ae0af850693fed679208ba85074eee67277ca79ac9951c25fcec2fb0df602a32
SSDEEP

24576:51bdFto42fFHBarkbcNm5CAS7yn83lXYqYv:5tmHYkQNmUAEyeY9

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  90e7e3df524bc3eb7528f3e662811166a850f207d09987e172cfd0c794722e3d
- Size
  
  827KB
- MD5
  
  492485f2701b7048e8a068035c128eb0
- SHA1
  
  1b08c65a54731aec619d923cfbcd50e6227f7c58
- SHA256
  
  90e7e3df524bc3eb7528f3e662811166a850f207d09987e172cfd0c794722e3d
- SHA512
  
  9feabcaa7c1ec5ab5da5a8572d7af7738ae344a9b7b7bb0fb79ec58f0c51fdb6ae0af850693fed679208ba85074eee67277ca79ac9951c25fcec2fb0df602a32
- SSDEEP
  
  24576:51bdFto42fFHBarkbcNm5CAS7yn83lXYqYv:5tmHYkQNmUAEyeY9
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2