3d08abda110991aa2e5b8951183fd00c165252a0f0e34e232d6bc81fbb85800f | Triage

Sharing

General

Target

3d08abda110991aa2e5b8951183fd00c165252a0f0e34e232d6bc81fbb85800f
Size

48KB
Sample

221123-v1anysdd8y
MD5

ab6a65e2d48d258369327aa19c11d7ff
SHA1

d32bae0b0b65e866cda0a0b803f018e122f87a1a
SHA256

3d08abda110991aa2e5b8951183fd00c165252a0f0e34e232d6bc81fbb85800f
SHA512

10546faa76512a1ba70b429c998d38535d0fa783ad9997f89f8ddb9683dc75f633aa7b77f98d7bc0d730f3fc425ae292739bd7fb1b981915a896ea35fb75b1ab
SSDEEP

768:tpsPTLQMsj7IU+Ms0LaWeSbTIXMaZ0M+XH4FrQmFntb:tpsrwCSw8W0mF91tb

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  3d08abda110991aa2e5b8951183fd00c165252a0f0e34e232d6bc81fbb85800f
- Size
  
  48KB
- MD5
  
  ab6a65e2d48d258369327aa19c11d7ff
- SHA1
  
  d32bae0b0b65e866cda0a0b803f018e122f87a1a
- SHA256
  
  3d08abda110991aa2e5b8951183fd00c165252a0f0e34e232d6bc81fbb85800f
- SHA512
  
  10546faa76512a1ba70b429c998d38535d0fa783ad9997f89f8ddb9683dc75f633aa7b77f98d7bc0d730f3fc425ae292739bd7fb1b981915a896ea35fb75b1ab
- SSDEEP
  
  768:tpsPTLQMsj7IU+Ms0LaWeSbTIXMaZ0M+XH4FrQmFntb:tpsrwCSw8W0mF91tb
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2