Overview

overview

10

Static

static

12591a3868...11.exe

windows7-x64

10

12591a3868...11.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    12591a3868fccd54430648a23ffcc786723c9343737b6490981049677ec35e11

  • Size

    1.4MB

  • Sample

    221123-vgfqvsha22

  • MD5

    25b38133328658c9e56ee1c4746c79b2

  • SHA1

    c3eb5f503833f0f00f82cca77308bec95a3fc971

  • SHA256

    12591a3868fccd54430648a23ffcc786723c9343737b6490981049677ec35e11

  • SHA512

    c81d9ebbb76eab7e597e069c0bda3bd8fbb5d766f86d6c6e5f224010f3183542f0b6dc3355c440d9960c733486adc04ce4d83486882b2f0154b87a056f585df0

  • SSDEEP

    1536:IXTSHQ+AWwXpPhttIf1zwQVgv/qflVkSkwNegiYaZZiOK+ZXhuIwWWF:IjG4pPhLI1zwLv/2IfwNeginppGWW

Score
10/10
persistence

Malware Config

Targets

    • Target

      12591a3868fccd54430648a23ffcc786723c9343737b6490981049677ec35e11

    • Size

      1.4MB

    • MD5

      25b38133328658c9e56ee1c4746c79b2

    • SHA1

      c3eb5f503833f0f00f82cca77308bec95a3fc971

    • SHA256

      12591a3868fccd54430648a23ffcc786723c9343737b6490981049677ec35e11

    • SHA512

      c81d9ebbb76eab7e597e069c0bda3bd8fbb5d766f86d6c6e5f224010f3183542f0b6dc3355c440d9960c733486adc04ce4d83486882b2f0154b87a056f585df0

    • SSDEEP

      1536:IXTSHQ+AWwXpPhttIf1zwQVgv/qflVkSkwNegiYaZZiOK+ZXhuIwWWF:IjG4pPhLI1zwLv/2IfwNeginppGWW

    Score
    10/10
    persistence

    • Modifies WinLogon for persistence

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks