8fd1aef04b09921ee9c82baa11314209c2fa777fd2268651875126d1e047eb0a | Triage

Sharing

General

Target

8fd1aef04b09921ee9c82baa11314209c2fa777fd2268651875126d1e047eb0a
Size

286KB
Sample

221129-f8vxjade6w
MD5

7199b8642367a133bb1689a3991f3dd9
SHA1

2f8393c33598a47ee3564b17267caf2ca5a412aa
SHA256

8fd1aef04b09921ee9c82baa11314209c2fa777fd2268651875126d1e047eb0a
SHA512

e0efadde5f1b9f99e26882111a1f9ef1362ea90dcab63e823583e8faaede6cb0c7ecf9658d3e44305ca36cfb8382ac719249885b24b341cab4cbfbede0bcced4
SSDEEP

6144:Zur1uTIK6/6FtZUmGZlmDBeci+lmQciCv:or1WIK6sZUm8mDEZEmQyv

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  8fd1aef04b09921ee9c82baa11314209c2fa777fd2268651875126d1e047eb0a
- Size
  
  286KB
- MD5
  
  7199b8642367a133bb1689a3991f3dd9
- SHA1
  
  2f8393c33598a47ee3564b17267caf2ca5a412aa
- SHA256
  
  8fd1aef04b09921ee9c82baa11314209c2fa777fd2268651875126d1e047eb0a
- SHA512
  
  e0efadde5f1b9f99e26882111a1f9ef1362ea90dcab63e823583e8faaede6cb0c7ecf9658d3e44305ca36cfb8382ac719249885b24b341cab4cbfbede0bcced4
- SSDEEP
  
  6144:Zur1uTIK6/6FtZUmGZlmDBeci+lmQciCv:or1WIK6sZUm8mDEZEmQyv
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2