cc31fcfe935ea7374ca4a86783a47f77d7e6c6d840fb11789a9ff6ba665f9047 | Triage

Sharing

General

Target

cc31fcfe935ea7374ca4a86783a47f77d7e6c6d840fb11789a9ff6ba665f9047
Size

132KB
Sample

221123-xq6dzsfg49
MD5

2b20a6936da978e4ed5cb14589689151
SHA1

aab10f79f884342508e27db4556fe11e60cc59e3
SHA256

cc31fcfe935ea7374ca4a86783a47f77d7e6c6d840fb11789a9ff6ba665f9047
SHA512

0e2ab16e83084c44e4f0248039bd66be8f2b3310eb091eb39e4177c61eac3a0b6f00b619e5d30626516a0c33b91eb329b3554cce86a30aad624f688ede914a0a
SSDEEP

1536:jvJjYfQoomlMvYf8LtpfKUACQIENnSwHC4QxCIrOiotb2t:DKfQ9bQIe9C3xCIrmtb2t

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  cc31fcfe935ea7374ca4a86783a47f77d7e6c6d840fb11789a9ff6ba665f9047
- Size
  
  132KB
- MD5
  
  2b20a6936da978e4ed5cb14589689151
- SHA1
  
  aab10f79f884342508e27db4556fe11e60cc59e3
- SHA256
  
  cc31fcfe935ea7374ca4a86783a47f77d7e6c6d840fb11789a9ff6ba665f9047
- SHA512
  
  0e2ab16e83084c44e4f0248039bd66be8f2b3310eb091eb39e4177c61eac3a0b6f00b619e5d30626516a0c33b91eb329b3554cce86a30aad624f688ede914a0a
- SSDEEP
  
  1536:jvJjYfQoomlMvYf8LtpfKUACQIENnSwHC4QxCIrOiotb2t:DKfQ9bQIe9C3xCIrmtb2t
Score

10^/10

evasion persistence
- Modifies WinLogon for persistence
  persistence
- Adds policy Run key to start application
  persistence
- Executes dropped EXE
- Modifies Windows Firewall
  evasion
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Registry Run Keys / Startup Folder

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence