526c84e6429c7ade3dc38fd3a7e04dc0241c1cca0f6e02dda18244bbf36795dd | Triage

Sharing

General

Target

526c84e6429c7ade3dc38fd3a7e04dc0241c1cca0f6e02dda18244bbf36795dd
Size

1.3MB
Sample

221124-d4k6eshf9s
MD5

bf6809a459eced8bb9db1e41567799f9
SHA1

da7f0908ccc42fbd82fc0bf370913bf46e0c6133
SHA256

526c84e6429c7ade3dc38fd3a7e04dc0241c1cca0f6e02dda18244bbf36795dd
SHA512

a6351fce3a0f2732b5069c8a2377ff0e9f8486f245b0aff24b8e482f63e0627ff732d8f64180dc34775cd36f795de4679fc960186c96daca1082d21578c60995
SSDEEP

24576:51bdgiNFZpD6MHokKi5IlLahnBEAr8QhhcAyELIPLJ0T+ps+72Uo2RAE:54iNFH4i2wRGA8QhhwELOLJi+a+72r27

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  526c84e6429c7ade3dc38fd3a7e04dc0241c1cca0f6e02dda18244bbf36795dd
- Size
  
  1.3MB
- MD5
  
  bf6809a459eced8bb9db1e41567799f9
- SHA1
  
  da7f0908ccc42fbd82fc0bf370913bf46e0c6133
- SHA256
  
  526c84e6429c7ade3dc38fd3a7e04dc0241c1cca0f6e02dda18244bbf36795dd
- SHA512
  
  a6351fce3a0f2732b5069c8a2377ff0e9f8486f245b0aff24b8e482f63e0627ff732d8f64180dc34775cd36f795de4679fc960186c96daca1082d21578c60995
- SSDEEP
  
  24576:51bdgiNFZpD6MHokKi5IlLahnBEAr8QhhcAyELIPLJ0T+ps+72Uo2RAE:54iNFH4i2wRGA8QhhwELOLJi+a+72r27
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2