13ba1b2bdd262a0e59633483650c8ee9bc6719eba4a89728047dd8f9916bb3e3 | Triage

Sharing

General

Target

13ba1b2bdd262a0e59633483650c8ee9bc6719eba4a89728047dd8f9916bb3e3
Size

180KB
Sample

221124-ats7hafc86
MD5

355324773eb72d43dac05353298e4a9b
SHA1

1c15a37e01232f9d622a896c55232d4f90ed3ea1
SHA256

13ba1b2bdd262a0e59633483650c8ee9bc6719eba4a89728047dd8f9916bb3e3
SHA512

a1d0e08e0dff63d452f334988fe49e32e632cbf8781a73a52decff10c05a3c996736c62e4454bdd381a89bd79a952e88252cb69b42ce55c6a0120cd5b94b5ff1
SSDEEP

1536:SvUdTHmvPE6OHeFvb/GBav1dVdxW/x7ijXaeaRhdsRUh:rdKHENTav1BxW/x7Gdaj7h

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  13ba1b2bdd262a0e59633483650c8ee9bc6719eba4a89728047dd8f9916bb3e3
- Size
  
  180KB
- MD5
  
  355324773eb72d43dac05353298e4a9b
- SHA1
  
  1c15a37e01232f9d622a896c55232d4f90ed3ea1
- SHA256
  
  13ba1b2bdd262a0e59633483650c8ee9bc6719eba4a89728047dd8f9916bb3e3
- SHA512
  
  a1d0e08e0dff63d452f334988fe49e32e632cbf8781a73a52decff10c05a3c996736c62e4454bdd381a89bd79a952e88252cb69b42ce55c6a0120cd5b94b5ff1
- SSDEEP
  
  1536:SvUdTHmvPE6OHeFvb/GBav1dVdxW/x7ijXaeaRhdsRUh:rdKHENTav1BxW/x7Gdaj7h
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2