c7d86465a3a91a13dead5c7dc8a3ba6c1383f976d9dc6bed9d1f43e3dfe2cc89 | Triage

Sharing

General

Target

c7d86465a3a91a13dead5c7dc8a3ba6c1383f976d9dc6bed9d1f43e3dfe2cc89
Size

43KB
Sample

221124-e3m43ahb68
MD5

80cec2e9f3066114b21eace67f2de734
SHA1

afb1135b58571e00f6c3de916dee1934ab65c2a9
SHA256

c7d86465a3a91a13dead5c7dc8a3ba6c1383f976d9dc6bed9d1f43e3dfe2cc89
SHA512

eb1da020deff60dfb50d7a592bf7ab52cac11e2b1f86337960e3e0fef87b9db33fd9660a9ea2100cff0e398ae033db82839933c139845c132c0f2c670a453b34
SSDEEP

768:3PJadenAqtYQnaXH96rV2kllriFqR7Atmqfvfj7sMC72ZWzFwKF/Kpplg:3PnAClrVLTrEqNAxvXsf7rzV/KpXg

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  c7d86465a3a91a13dead5c7dc8a3ba6c1383f976d9dc6bed9d1f43e3dfe2cc89
- Size
  
  43KB
- MD5
  
  80cec2e9f3066114b21eace67f2de734
- SHA1
  
  afb1135b58571e00f6c3de916dee1934ab65c2a9
- SHA256
  
  c7d86465a3a91a13dead5c7dc8a3ba6c1383f976d9dc6bed9d1f43e3dfe2cc89
- SHA512
  
  eb1da020deff60dfb50d7a592bf7ab52cac11e2b1f86337960e3e0fef87b9db33fd9660a9ea2100cff0e398ae033db82839933c139845c132c0f2c670a453b34
- SSDEEP
  
  768:3PJadenAqtYQnaXH96rV2kllriFqR7Atmqfvfj7sMC72ZWzFwKF/Kpplg:3PnAClrVLTrEqNAxvXsf7rzV/KpXg
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2