9496d5e2669d12ec121bd4a99b9166b054e9ad2918261734dea195fc43582740 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9496d5e2669d12ec121bd4a99b9166b054e9ad2918261734dea195fc43582740
Size

276KB
Sample

221129-fsyy9acb2w
MD5

410b46097e1eed5ea26e26e39266f3f0
SHA1

905eb502653c0d08d92417336e6b88466901d20e
SHA256

9496d5e2669d12ec121bd4a99b9166b054e9ad2918261734dea195fc43582740
SHA512

d9d28c8660b1d5ca8246c70d1a2656200ab019f504c85cb276d838c51d8362ba1a10990c9150194bc71f7f08b18cc5aac25f3f78a1aa3f2a15472b64311107d3
SSDEEP

6144:K/1HnOBywO+PnbfMIQFSQMX0Wy6XtdFCGJvi5w:KNQuU1XXdyvGJo

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  9496d5e2669d12ec121bd4a99b9166b054e9ad2918261734dea195fc43582740
- Size
  
  276KB
- MD5
  
  410b46097e1eed5ea26e26e39266f3f0
- SHA1
  
  905eb502653c0d08d92417336e6b88466901d20e
- SHA256
  
  9496d5e2669d12ec121bd4a99b9166b054e9ad2918261734dea195fc43582740
- SHA512
  
  d9d28c8660b1d5ca8246c70d1a2656200ab019f504c85cb276d838c51d8362ba1a10990c9150194bc71f7f08b18cc5aac25f3f78a1aa3f2a15472b64311107d3
- SSDEEP
  
  6144:K/1HnOBywO+PnbfMIQFSQMX0Wy6XtdFCGJvi5w:KNQuU1XXdyvGJo
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2