91d97b9373f46d23ff66c2b811809160bb00055b8f841a1137ab22fd98ae9652 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

91d97b9373f46d23ff66c2b811809160bb00055b8f841a1137ab22fd98ae9652
Size

349KB
Sample

221129-f3wxmshf69
MD5

87f929b515217253ac859662e8e30ef7
SHA1

accdbb389cd6ea112a17b87d80ef8f540548e81d
SHA256

91d97b9373f46d23ff66c2b811809160bb00055b8f841a1137ab22fd98ae9652
SHA512

45a7f21c13b5bf7906c355fbefd2f179c3915ca32be38183c0c7a71135627ea092c11494c646e08489ed0a27d3f20ebdb440b6d3de575149ba9ff4efd7231e22
SSDEEP

6144:OhBu3tH/qyhsbuR1TAnC0BxoUhSluCp3QmxsVDuWDB16wXSwRfk+fWy8E+EMr:c0xCyLR1MnCs3qp3fKVDuWd1zf1WTEU

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  91d97b9373f46d23ff66c2b811809160bb00055b8f841a1137ab22fd98ae9652
- Size
  
  349KB
- MD5
  
  87f929b515217253ac859662e8e30ef7
- SHA1
  
  accdbb389cd6ea112a17b87d80ef8f540548e81d
- SHA256
  
  91d97b9373f46d23ff66c2b811809160bb00055b8f841a1137ab22fd98ae9652
- SHA512
  
  45a7f21c13b5bf7906c355fbefd2f179c3915ca32be38183c0c7a71135627ea092c11494c646e08489ed0a27d3f20ebdb440b6d3de575149ba9ff4efd7231e22
- SSDEEP
  
  6144:OhBu3tH/qyhsbuR1TAnC0BxoUhSluCp3QmxsVDuWDB16wXSwRfk+fWy8E+EMr:c0xCyLR1MnCs3qp3fKVDuWd1zf1WTEU
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2