b21f12eecbfdec6299ad7175cfdc02b949db215cf6a79320450876157a73f1c0 | Triage

Sharing

General

Target

b21f12eecbfdec6299ad7175cfdc02b949db215cf6a79320450876157a73f1c0
Size

206KB
Sample

221123-vyfgesdc6w
MD5

53b9f03674798ef4892eee3675294637
SHA1

60864b82fa2e45831be359d3228226eab7370161
SHA256

b21f12eecbfdec6299ad7175cfdc02b949db215cf6a79320450876157a73f1c0
SHA512

ba84eca159f554a72faae5bead67f06c1373710ce108edabcdf288528a336a519fe8b9ac1ba099b36b1cb30e362ebd0bc4cb84f6880624de2f1dcd2cf6c74107
SSDEEP

3072:zvEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6unM:zvEN2U+T6i5LirrllHy4HUcMQY6B

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  b21f12eecbfdec6299ad7175cfdc02b949db215cf6a79320450876157a73f1c0
- Size
  
  206KB
- MD5
  
  53b9f03674798ef4892eee3675294637
- SHA1
  
  60864b82fa2e45831be359d3228226eab7370161
- SHA256
  
  b21f12eecbfdec6299ad7175cfdc02b949db215cf6a79320450876157a73f1c0
- SHA512
  
  ba84eca159f554a72faae5bead67f06c1373710ce108edabcdf288528a336a519fe8b9ac1ba099b36b1cb30e362ebd0bc4cb84f6880624de2f1dcd2cf6c74107
- SSDEEP
  
  3072:zvEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6unM:zvEN2U+T6i5LirrllHy4HUcMQY6B
Score

10^/10

evasion persistence
- Modifies WinLogon for persistence
  persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Modifies Installed Components in the registry
  persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence