5e136cef32e307fe0857890c8e24e86d26bff7fdcb8d7369f8d20c148f4bfbc9 | Triage

Sharing

General

Target

5e136cef32e307fe0857890c8e24e86d26bff7fdcb8d7369f8d20c148f4bfbc9
Size

456KB
Sample

221125-kfje9ahc71
MD5

2202e1c883da159adfe37e6e59779f4c
SHA1

822703c997d1c760a3a2d99778962adce3921a5b
SHA256

5e136cef32e307fe0857890c8e24e86d26bff7fdcb8d7369f8d20c148f4bfbc9
SHA512

6c8485d536bd85b978267b64e224fdcabe51f2faec4d2134712af0393221faf3e4eb68ad35069c756b0ca7d28b3f49ed509899a839e643f560fbe4f9bfccf97e
SSDEEP

12288:pMSU4joci8M6PW1GVFeFd60DFUyheaYM:iSUCpM2W1Gvgmyeav

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  5e136cef32e307fe0857890c8e24e86d26bff7fdcb8d7369f8d20c148f4bfbc9
- Size
  
  456KB
- MD5
  
  2202e1c883da159adfe37e6e59779f4c
- SHA1
  
  822703c997d1c760a3a2d99778962adce3921a5b
- SHA256
  
  5e136cef32e307fe0857890c8e24e86d26bff7fdcb8d7369f8d20c148f4bfbc9
- SHA512
  
  6c8485d536bd85b978267b64e224fdcabe51f2faec4d2134712af0393221faf3e4eb68ad35069c756b0ca7d28b3f49ed509899a839e643f560fbe4f9bfccf97e
- SSDEEP
  
  12288:pMSU4joci8M6PW1GVFeFd60DFUyheaYM:iSUCpM2W1Gvgmyeav
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2