743dfd0289c52985e5b7bbb8bd889d0f06b20489453d442b9b17d15f7b6c0866 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

743dfd0289c52985e5b7bbb8bd889d0f06b20489453d442b9b17d15f7b6c0866
Size

265KB
Sample

221129-jm77hsdb2w
MD5

5166c33bd48bf98e6a7faf6efa0cf19e
SHA1

52b65d9070cf46247b22af2e6312af767daba60c
SHA256

743dfd0289c52985e5b7bbb8bd889d0f06b20489453d442b9b17d15f7b6c0866
SHA512

93fb1ec0ea3b095ce0f5a3f94d82ab37750dbd8ef2b710aa543e3410ddda4f730f63b9c7b6485f0a0c2671bbbe354dc7d310943afd745a0f004633d854164add
SSDEEP

6144:GWywgKQ/dnbdxoXUFuS5fvvUaOWpVshQchEnnbUaDk/ii:GSgLFHvOWpVEhEbU9

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  743dfd0289c52985e5b7bbb8bd889d0f06b20489453d442b9b17d15f7b6c0866
- Size
  
  265KB
- MD5
  
  5166c33bd48bf98e6a7faf6efa0cf19e
- SHA1
  
  52b65d9070cf46247b22af2e6312af767daba60c
- SHA256
  
  743dfd0289c52985e5b7bbb8bd889d0f06b20489453d442b9b17d15f7b6c0866
- SHA512
  
  93fb1ec0ea3b095ce0f5a3f94d82ab37750dbd8ef2b710aa543e3410ddda4f730f63b9c7b6485f0a0c2671bbbe354dc7d310943afd745a0f004633d854164add
- SSDEEP
  
  6144:GWywgKQ/dnbdxoXUFuS5fvvUaOWpVshQchEnnbUaDk/ii:GSgLFHvOWpVEhEbU9
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2