f7d37c9da3698c7ebe121ddfb0e5b677210d42e7e964d3ee7ed877ae60a21e8b | Triage

Sharing

General

Target

f7d37c9da3698c7ebe121ddfb0e5b677210d42e7e964d3ee7ed877ae60a21e8b
Size

907KB
Sample

221127-rw92gahg3z
MD5

3ff280c0128691632ccbb88c1edabe23
SHA1

90d50c530a87e14863e788cdd94f3cddedd8c08c
SHA256

f7d37c9da3698c7ebe121ddfb0e5b677210d42e7e964d3ee7ed877ae60a21e8b
SHA512

c0218866d8d99eb51e2665e1b264f1f5cd5bd5d0fd0a2d90874c604fdc7c34e5851f8f872d6ec4221f178366765ce3d9e40d4e7d38f185c3afcdea3507ae2850
SSDEEP

24576:1zNrcMeUwxJEZQZp8d+TEZeacMyptNn1+9M7jRlA6aVZzgZ5Ab:15A6u68xhg9sPOhb

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  f7d37c9da3698c7ebe121ddfb0e5b677210d42e7e964d3ee7ed877ae60a21e8b
- Size
  
  907KB
- MD5
  
  3ff280c0128691632ccbb88c1edabe23
- SHA1
  
  90d50c530a87e14863e788cdd94f3cddedd8c08c
- SHA256
  
  f7d37c9da3698c7ebe121ddfb0e5b677210d42e7e964d3ee7ed877ae60a21e8b
- SHA512
  
  c0218866d8d99eb51e2665e1b264f1f5cd5bd5d0fd0a2d90874c604fdc7c34e5851f8f872d6ec4221f178366765ce3d9e40d4e7d38f185c3afcdea3507ae2850
- SSDEEP
  
  24576:1zNrcMeUwxJEZQZp8d+TEZeacMyptNn1+9M7jRlA6aVZzgZ5Ab:15A6u68xhg9sPOhb
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2