6103f030b0bae2cdbe5a7fd79fb5cf035962eda5406af7fe29aa967a82d1419e | Triage

Sharing

General

Target

6103f030b0bae2cdbe5a7fd79fb5cf035962eda5406af7fe29aa967a82d1419e
Size

192KB
Sample

221123-vqtdbahf93
MD5

43d7bcb215e8a89ddeb3cb42bade9380
SHA1

edd3f8ceb1aa19ac14105dc0810f045c693feb3c
SHA256

6103f030b0bae2cdbe5a7fd79fb5cf035962eda5406af7fe29aa967a82d1419e
SHA512

6f0e9bafa674f9dfcff192f2713745ffd6cb2e8974ded277541882b096b4f32d2554bfe67c854c97b3dd46616c7430992d2f91e7b0e085d725ed4a79e1b0c200
SSDEEP

1536:xsJlOGa8LMKJJlgENcWV7E4syJ9gzZ4k0HfijBh6yRMML/rEfh:xsJlOGa8bJl3VsyJKzA2BEYIfh

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  6103f030b0bae2cdbe5a7fd79fb5cf035962eda5406af7fe29aa967a82d1419e
- Size
  
  192KB
- MD5
  
  43d7bcb215e8a89ddeb3cb42bade9380
- SHA1
  
  edd3f8ceb1aa19ac14105dc0810f045c693feb3c
- SHA256
  
  6103f030b0bae2cdbe5a7fd79fb5cf035962eda5406af7fe29aa967a82d1419e
- SHA512
  
  6f0e9bafa674f9dfcff192f2713745ffd6cb2e8974ded277541882b096b4f32d2554bfe67c854c97b3dd46616c7430992d2f91e7b0e085d725ed4a79e1b0c200
- SSDEEP
  
  1536:xsJlOGa8LMKJJlgENcWV7E4syJ9gzZ4k0HfijBh6yRMML/rEfh:xsJlOGa8bJl3VsyJKzA2BEYIfh
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2