8d29f1063e020dddd1dfd562aab964d05d9632b71f4b689c0c73381e51d96fad | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8d29f1063e020dddd1dfd562aab964d05d9632b71f4b689c0c73381e51d96fad
Size

257KB
Sample

221201-bz1dfacf53
MD5

a63419adab0d70f44851d702a432017a
SHA1

66cfa0bfc6147cd41eaffec7f2d4dd1c3dec235b
SHA256

8d29f1063e020dddd1dfd562aab964d05d9632b71f4b689c0c73381e51d96fad
SHA512

0d1ee0101769fe7c82da76cfdc30f9118fbbf5a273b6545c3f17e4e8f73ee019ce9a9dc3412691e355f8ac5b64d821792ddd8ebbe301dc7c2553f79c1f29e1e5
SSDEEP

6144:rhPMhPbvrs+3hcHICis1ed00b9/oQoHv1a0weSMb3QGL:KgYoINs1ed0Uo3dZ1j

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  8d29f1063e020dddd1dfd562aab964d05d9632b71f4b689c0c73381e51d96fad
- Size
  
  257KB
- MD5
  
  a63419adab0d70f44851d702a432017a
- SHA1
  
  66cfa0bfc6147cd41eaffec7f2d4dd1c3dec235b
- SHA256
  
  8d29f1063e020dddd1dfd562aab964d05d9632b71f4b689c0c73381e51d96fad
- SHA512
  
  0d1ee0101769fe7c82da76cfdc30f9118fbbf5a273b6545c3f17e4e8f73ee019ce9a9dc3412691e355f8ac5b64d821792ddd8ebbe301dc7c2553f79c1f29e1e5
- SSDEEP
  
  6144:rhPMhPbvrs+3hcHICis1ed00b9/oQoHv1a0weSMb3QGL:KgYoINs1ed0Uo3dZ1j
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2