6ca96c5a91e79bef47d521f70751a3e7c7218ad5b7f3d1df6695e40e7a902b71 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6ca96c5a91e79bef47d521f70751a3e7c7218ad5b7f3d1df6695e40e7a902b71
Size

281KB
Sample

221201-d4t4bsba78
MD5

83ac9e5c596bd28d31572d342ef39347
SHA1

1cbb852ee2285fb04fbf1af4058d8ccf8fab747c
SHA256

6ca96c5a91e79bef47d521f70751a3e7c7218ad5b7f3d1df6695e40e7a902b71
SHA512

4fb1fe48bcc28e588a92081ecd6e5c4ea0bec1718e4b4c8682e4d733b8a0b1741b489464c3a86a87024fdb58dae78fce670d692a17a6d196fa7d098433ddb01f
SSDEEP

6144:KpcnH1hymlUEAsvK7ke5L3iFPwsj9CnL9R6jbKVCA7W5f1uHVOJ:KpYDycUEAWK7SCsj9kLnCAS9IVW

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  6ca96c5a91e79bef47d521f70751a3e7c7218ad5b7f3d1df6695e40e7a902b71
- Size
  
  281KB
- MD5
  
  83ac9e5c596bd28d31572d342ef39347
- SHA1
  
  1cbb852ee2285fb04fbf1af4058d8ccf8fab747c
- SHA256
  
  6ca96c5a91e79bef47d521f70751a3e7c7218ad5b7f3d1df6695e40e7a902b71
- SHA512
  
  4fb1fe48bcc28e588a92081ecd6e5c4ea0bec1718e4b4c8682e4d733b8a0b1741b489464c3a86a87024fdb58dae78fce670d692a17a6d196fa7d098433ddb01f
- SSDEEP
  
  6144:KpcnH1hymlUEAsvK7ke5L3iFPwsj9CnL9R6jbKVCA7W5f1uHVOJ:KpYDycUEAWK7SCsj9kLnCAS9IVW
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2