63581f0ac0a7f0333fee04aae7c8c8625538e1721802e93e8efc383f706fa66d | Triage

Sharing

General

Target

63581f0ac0a7f0333fee04aae7c8c8625538e1721802e93e8efc383f706fa66d
Size

268KB
Sample

221201-ey62daha8x
MD5

7eef384f4ab4b748d282db914fab57dc
SHA1

207dc0a0fef4baf2ac052a412e8218f981752ee7
SHA256

63581f0ac0a7f0333fee04aae7c8c8625538e1721802e93e8efc383f706fa66d
SHA512

5153fb6a1fa9ad96c8bb1c4fd7832e1251d6dc9bcca50022785f84cbfa508eb2e2b387afa68922a72e422b18e27b9b019a38bfad2506b1d42e39e38ab349e10c
SSDEEP

6144:MRkn+alqMqDoV0L29KQWFte1RfUuSDe+ArH:MRg+allJ0LcKNyR3SM

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  63581f0ac0a7f0333fee04aae7c8c8625538e1721802e93e8efc383f706fa66d
- Size
  
  268KB
- MD5
  
  7eef384f4ab4b748d282db914fab57dc
- SHA1
  
  207dc0a0fef4baf2ac052a412e8218f981752ee7
- SHA256
  
  63581f0ac0a7f0333fee04aae7c8c8625538e1721802e93e8efc383f706fa66d
- SHA512
  
  5153fb6a1fa9ad96c8bb1c4fd7832e1251d6dc9bcca50022785f84cbfa508eb2e2b387afa68922a72e422b18e27b9b019a38bfad2506b1d42e39e38ab349e10c
- SSDEEP
  
  6144:MRkn+alqMqDoV0L29KQWFte1RfUuSDe+ArH:MRg+allJ0LcKNyR3SM
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2