Overview

overview

10

Static

static

5d82ffb798...bf.exe

windows7-x64

10

5d82ffb798...bf.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5d82ffb7987b1280057f4aba5768f1503c9332ecff850452697ddf5c603316bf

  • Size

    31.8MB

  • Sample

    221125-leq95sbe3y

  • MD5

    34e165db7781fdb98ffbdb89950013f9

  • SHA1

    b2bc9495bb13ee35f4b07ccaf1ba706e05f50f7c

  • SHA256

    5d82ffb7987b1280057f4aba5768f1503c9332ecff850452697ddf5c603316bf

  • SHA512

    fdc5217dad8a140fe4e2fc7db167638ef9f60b4de441803d07afc04371119dc8243650d62ab89d45a866135df08319115b680c4b0004bd6ae5446cc4dff80153

  • SSDEEP

    393216:qyJXk2mMuOjiYOj257OUF3og0zHie8+ZqUCd1CPwDv3uFKhBrqW4tLFDoe:XJXk2/I29XF3og0Oe3Llt

Score
10/10
persistence

Malware Config

Targets

    • Target

      5d82ffb7987b1280057f4aba5768f1503c9332ecff850452697ddf5c603316bf

    • Size

      31.8MB

    • MD5

      34e165db7781fdb98ffbdb89950013f9

    • SHA1

      b2bc9495bb13ee35f4b07ccaf1ba706e05f50f7c

    • SHA256

      5d82ffb7987b1280057f4aba5768f1503c9332ecff850452697ddf5c603316bf

    • SHA512

      fdc5217dad8a140fe4e2fc7db167638ef9f60b4de441803d07afc04371119dc8243650d62ab89d45a866135df08319115b680c4b0004bd6ae5446cc4dff80153

    • SSDEEP

      393216:qyJXk2mMuOjiYOj257OUF3og0zHie8+ZqUCd1CPwDv3uFKhBrqW4tLFDoe:XJXk2/I29XF3og0Oe3Llt

    Score
    10/10
    persistence

    • Modifies WinLogon for persistence

      persistence

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

1
T1004

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Disabling Security Tools

1
T1089

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks