897f835a4b2427b6324490c23a774b3a3af6ad135f47a07cb0d6bab9fc9eb4ab | Triage

Sharing

Copy URL Twitter E-mail

General

Target

897f835a4b2427b6324490c23a774b3a3af6ad135f47a07cb0d6bab9fc9eb4ab
Size

319KB
Sample

221201-cahyjaha2s
MD5

9917ed44d474df5aeb29e6a10f69a3d2
SHA1

4dcbbe6f3614c02ee2948e067b1019e7e7f24f12
SHA256

897f835a4b2427b6324490c23a774b3a3af6ad135f47a07cb0d6bab9fc9eb4ab
SHA512

f2d23599105f626c4c7f7ac5186297ccd749b4fc79bb4ddbd72bf5d08298a3bffbb85d8a1246cf57a68d190632b63076084167498a2685872f9d960140212da5
SSDEEP

6144:znHLl3y9ZKFwROyGZrOactJCcPyX20RYlAoJh+77o1w:znrliQyGZatIcaXFboJUXo

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  897f835a4b2427b6324490c23a774b3a3af6ad135f47a07cb0d6bab9fc9eb4ab
- Size
  
  319KB
- MD5
  
  9917ed44d474df5aeb29e6a10f69a3d2
- SHA1
  
  4dcbbe6f3614c02ee2948e067b1019e7e7f24f12
- SHA256
  
  897f835a4b2427b6324490c23a774b3a3af6ad135f47a07cb0d6bab9fc9eb4ab
- SHA512
  
  f2d23599105f626c4c7f7ac5186297ccd749b4fc79bb4ddbd72bf5d08298a3bffbb85d8a1246cf57a68d190632b63076084167498a2685872f9d960140212da5
- SSDEEP
  
  6144:znHLl3y9ZKFwROyGZrOactJCcPyX20RYlAoJh+77o1w:znrliQyGZatIcaXFboJUXo
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2