a50e9527c9919d115ada3a6337f854cfd77384296e63fb64fbb358a71d20a31b | Triage

Sharing

General

Target

a50e9527c9919d115ada3a6337f854cfd77384296e63fb64fbb358a71d20a31b
Size

180KB
Sample

221124-f7514sfa3w
MD5

387b00428d6a7d8c3a4f7a6c6de2bfcb
SHA1

d8b20edf5fd13249d15c0b5a6210a0601fd33652
SHA256

a50e9527c9919d115ada3a6337f854cfd77384296e63fb64fbb358a71d20a31b
SHA512

6599c745b9a90aaf86628c032de5fc55c327be9b95731779ddd723348ee164b879c30f1b9387a2d57f49fd33d17008d64d8e266d6d73b85dec15ea7ee343051c
SSDEEP

3072:7ofKHb2VlNw6zZvQB1aH7lVRwFizDC/exZBVD0S2H8ju1:7ofmbENfznH7lnblz7gb6u1

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  a50e9527c9919d115ada3a6337f854cfd77384296e63fb64fbb358a71d20a31b
- Size
  
  180KB
- MD5
  
  387b00428d6a7d8c3a4f7a6c6de2bfcb
- SHA1
  
  d8b20edf5fd13249d15c0b5a6210a0601fd33652
- SHA256
  
  a50e9527c9919d115ada3a6337f854cfd77384296e63fb64fbb358a71d20a31b
- SHA512
  
  6599c745b9a90aaf86628c032de5fc55c327be9b95731779ddd723348ee164b879c30f1b9387a2d57f49fd33d17008d64d8e266d6d73b85dec15ea7ee343051c
- SSDEEP
  
  3072:7ofKHb2VlNw6zZvQB1aH7lVRwFizDC/exZBVD0S2H8ju1:7ofmbENfznH7lnblz7gb6u1
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2