3b15c6d1995ba535a82fff107cb487a2ef1a7a5c673f9adfe1b6ace45d3032d0 | Triage

Sharing

General

Target

3b15c6d1995ba535a82fff107cb487a2ef1a7a5c673f9adfe1b6ace45d3032d0
Size

71KB
Sample

221124-axk1asag6x
MD5

3d1a2fc473f42ee4a7fa33042c692ec0
SHA1

81a5254970e046502b3f3d9329550c4eb43213fd
SHA256

3b15c6d1995ba535a82fff107cb487a2ef1a7a5c673f9adfe1b6ace45d3032d0
SHA512

e98d2569952f2c3a24693ed8bb1cd61e1bdb7ad5a7c0f64cb5efeea839a118c877a1e85da1b9b5ed3c68ed750c1023ff497ed1bdda21984861e45fdb10ceae19
SSDEEP

1536:Xjk6Dwdg28ez4+pmxiHA8f1zwQVgvQmG:Xj+dg28ez4iAc1zwLvQmG

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  3b15c6d1995ba535a82fff107cb487a2ef1a7a5c673f9adfe1b6ace45d3032d0
- Size
  
  71KB
- MD5
  
  3d1a2fc473f42ee4a7fa33042c692ec0
- SHA1
  
  81a5254970e046502b3f3d9329550c4eb43213fd
- SHA256
  
  3b15c6d1995ba535a82fff107cb487a2ef1a7a5c673f9adfe1b6ace45d3032d0
- SHA512
  
  e98d2569952f2c3a24693ed8bb1cd61e1bdb7ad5a7c0f64cb5efeea839a118c877a1e85da1b9b5ed3c68ed750c1023ff497ed1bdda21984861e45fdb10ceae19
- SSDEEP
  
  1536:Xjk6Dwdg28ez4+pmxiHA8f1zwQVgvQmG:Xj+dg28ez4iAc1zwLvQmG
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2