1e4669ba8f87c91793f8c9f345033ca74f9ccb3ca717382731e99ead576392c9 | Triage

Sharing

General

Target

1e4669ba8f87c91793f8c9f345033ca74f9ccb3ca717382731e99ead576392c9
Size

456KB
Sample

221129-vs8wsacd71
MD5

826940dcb269552bc7fc14fac7adf5df
SHA1

be7956b1baad5e54e9f9df9efbc8ed0f23bcbaad
SHA256

1e4669ba8f87c91793f8c9f345033ca74f9ccb3ca717382731e99ead576392c9
SHA512

252550fc4f0202086b67dfa148cbbd35d48deb177cb2188c7fca6debc73a76da6e11fa2d3d7e8fcd5ceadfb9daec7bc639edc9b137da9c97262daccbd8544dfa
SSDEEP

12288:dy/vD028/618D4ODwVc2flmIQfWHV6Tg7lsftzTNBV4D:s/o28CzYXVV66osftzTNBV4D

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  1e4669ba8f87c91793f8c9f345033ca74f9ccb3ca717382731e99ead576392c9
- Size
  
  456KB
- MD5
  
  826940dcb269552bc7fc14fac7adf5df
- SHA1
  
  be7956b1baad5e54e9f9df9efbc8ed0f23bcbaad
- SHA256
  
  1e4669ba8f87c91793f8c9f345033ca74f9ccb3ca717382731e99ead576392c9
- SHA512
  
  252550fc4f0202086b67dfa148cbbd35d48deb177cb2188c7fca6debc73a76da6e11fa2d3d7e8fcd5ceadfb9daec7bc639edc9b137da9c97262daccbd8544dfa
- SSDEEP
  
  12288:dy/vD028/618D4ODwVc2flmIQfWHV6Tg7lsftzTNBV4D:s/o28CzYXVV66osftzTNBV4D
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Drops startup file
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2