a4945b0acf67f6860b41a51481c992c60259a7aea60341279f74f69c7315b7ec | Triage

Sharing

General

Target

a4945b0acf67f6860b41a51481c992c60259a7aea60341279f74f69c7315b7ec
Size

141KB
Sample

221201-k2k6zage6w
MD5

c79e93c89ebf22feee4fef424e2ec69a
SHA1

6a6874d796a236daea37ada3b5bf6924f0282fde
SHA256

a4945b0acf67f6860b41a51481c992c60259a7aea60341279f74f69c7315b7ec
SHA512

0843a3656a977113e6f54a5484fda268890e867563aa78ac0e95d12b168ce5e32bc4a737b8a7470fa6d91390d8498d5fff03a3ab860ef2c3b299730b36f60544
SSDEEP

3072:l1B31bdBob2QXGrzNsKkJIpEq6eshVDlp1c3HOvBbZ/S:l731bdBaBkzNsK+IjJshVDbq3HaBU

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  a4945b0acf67f6860b41a51481c992c60259a7aea60341279f74f69c7315b7ec
- Size
  
  141KB
- MD5
  
  c79e93c89ebf22feee4fef424e2ec69a
- SHA1
  
  6a6874d796a236daea37ada3b5bf6924f0282fde
- SHA256
  
  a4945b0acf67f6860b41a51481c992c60259a7aea60341279f74f69c7315b7ec
- SHA512
  
  0843a3656a977113e6f54a5484fda268890e867563aa78ac0e95d12b168ce5e32bc4a737b8a7470fa6d91390d8498d5fff03a3ab860ef2c3b299730b36f60544
- SSDEEP
  
  3072:l1B31bdBob2QXGrzNsKkJIpEq6eshVDlp1c3HOvBbZ/S:l731bdBaBkzNsK+IjJshVDbq3HaBU
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2