8763e184279b23fc91b8365baeb51ff1f9bc707bc544d01c67473cfb31dfa4b3 | Triage

Sharing

General

Target

8763e184279b23fc91b8365baeb51ff1f9bc707bc544d01c67473cfb31dfa4b3
Size

80KB
Sample

221123-w7w17shb3z
MD5

525fdc9d211e0ddbb1618113eac9bd9b
SHA1

fb256eb3640ac598e03bb3e3f22160ba5ea2ae93
SHA256

8763e184279b23fc91b8365baeb51ff1f9bc707bc544d01c67473cfb31dfa4b3
SHA512

477c65531db7b5fd90eed71127137b0e34fd9d99dae000890e5fcda52b0f22fc70c7a1fca11cbd4b57d6e0464db074202981e15b3f05118f521a18bab2905077
SSDEEP

1536:TFYnqiEf5CyXVrL/Yp/uFI9pndBZgWaRhdsRJpT:T8SBnWEFIb5fajipT

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  8763e184279b23fc91b8365baeb51ff1f9bc707bc544d01c67473cfb31dfa4b3
- Size
  
  80KB
- MD5
  
  525fdc9d211e0ddbb1618113eac9bd9b
- SHA1
  
  fb256eb3640ac598e03bb3e3f22160ba5ea2ae93
- SHA256
  
  8763e184279b23fc91b8365baeb51ff1f9bc707bc544d01c67473cfb31dfa4b3
- SHA512
  
  477c65531db7b5fd90eed71127137b0e34fd9d99dae000890e5fcda52b0f22fc70c7a1fca11cbd4b57d6e0464db074202981e15b3f05118f521a18bab2905077
- SSDEEP
  
  1536:TFYnqiEf5CyXVrL/Yp/uFI9pndBZgWaRhdsRJpT:T8SBnWEFIb5fajipT
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2