dd2d6f1aa1f4020a4ab99788c989d4791a8ade596ebab31de0d1fd0d6116d7b3 | Triage

Sharing

General

Target

dd2d6f1aa1f4020a4ab99788c989d4791a8ade596ebab31de0d1fd0d6116d7b3
Size

425KB
Sample

221201-s52l5ach76
MD5

de8e739e054e0ee9cb3d6f803d957419
SHA1

12cdd7253215512183847ff8c7f7b17a7426c32c
SHA256

dd2d6f1aa1f4020a4ab99788c989d4791a8ade596ebab31de0d1fd0d6116d7b3
SHA512

09781fde0c514e0d16474e2e94c5f17db5e39b46d1a70653b89d3cc45310bf958c4258ea542148b13c977fffee54acde1048b26da643dc7a05f405db13858ec9
SSDEEP

12288:xCpSZaPeLADixs3Vj7YWOVNqN+sILUZGGQjQ:3gP2AGsFj7tOVNeILUZGGQj

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  dd2d6f1aa1f4020a4ab99788c989d4791a8ade596ebab31de0d1fd0d6116d7b3
- Size
  
  425KB
- MD5
  
  de8e739e054e0ee9cb3d6f803d957419
- SHA1
  
  12cdd7253215512183847ff8c7f7b17a7426c32c
- SHA256
  
  dd2d6f1aa1f4020a4ab99788c989d4791a8ade596ebab31de0d1fd0d6116d7b3
- SHA512
  
  09781fde0c514e0d16474e2e94c5f17db5e39b46d1a70653b89d3cc45310bf958c4258ea542148b13c977fffee54acde1048b26da643dc7a05f405db13858ec9
- SSDEEP
  
  12288:xCpSZaPeLADixs3Vj7YWOVNqN+sILUZGGQjQ:3gP2AGsFj7tOVNeILUZGGQj
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2