8ac6b798c8679ff2df9f0db637a0335093998b1e36dfa6f46322fe9f337c60e3 | Triage

Sharing

General

Target

8ac6b798c8679ff2df9f0db637a0335093998b1e36dfa6f46322fe9f337c60e3
Size

502KB
Sample

221125-z1962aac5z
MD5

5c412dd261dc5815cbb19a5c27b0cbd2
SHA1

6b89a2d9b1527c8f6a0eb6c3299f9ee0a9b1bfcb
SHA256

8ac6b798c8679ff2df9f0db637a0335093998b1e36dfa6f46322fe9f337c60e3
SHA512

8196850e247e6788f847537d952dcd245fa012eb6da1ac40ec071f8f41c6af766da58f75cd104f5e8de2eec7a454e30b4de35dc21e557b85cae7803ce4d9723c
SSDEEP

12288:uMSU4joci8M6PW1GVFeFd60DFUyheEYM:hSUCpM2W1GvgmyeEv

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  8ac6b798c8679ff2df9f0db637a0335093998b1e36dfa6f46322fe9f337c60e3
- Size
  
  502KB
- MD5
  
  5c412dd261dc5815cbb19a5c27b0cbd2
- SHA1
  
  6b89a2d9b1527c8f6a0eb6c3299f9ee0a9b1bfcb
- SHA256
  
  8ac6b798c8679ff2df9f0db637a0335093998b1e36dfa6f46322fe9f337c60e3
- SHA512
  
  8196850e247e6788f847537d952dcd245fa012eb6da1ac40ec071f8f41c6af766da58f75cd104f5e8de2eec7a454e30b4de35dc21e557b85cae7803ce4d9723c
- SSDEEP
  
  12288:uMSU4joci8M6PW1GVFeFd60DFUyheEYM:hSUCpM2W1GvgmyeEv
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2