e1aecd084a53ba33aecd53caeb211478b383ca8a8f013432b098dcb1aec1d60a | Triage

Sharing

General

Target

e1aecd084a53ba33aecd53caeb211478b383ca8a8f013432b098dcb1aec1d60a
Size

346KB
Sample

221201-t7a3mabh4z
MD5

061428120269762bf4162575820ab0b2
SHA1

19d23ef983b108d9a94baa1f59a14d8f5e19fbc3
SHA256

e1aecd084a53ba33aecd53caeb211478b383ca8a8f013432b098dcb1aec1d60a
SHA512

7f5a51d648f88b2047107cc1a53ddcba9a8f4e2d027207473ac75a2ad516ee93d5518d147e176370ad4edc7e04ad69ebbfdd0c2e486114f673be49339c2ed4a0
SSDEEP

6144:nhzFlexKc484oO8593S2k5NZHnn/5k6c+D4:BF/c4n2LSlNZH/5kF+D4

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  e1aecd084a53ba33aecd53caeb211478b383ca8a8f013432b098dcb1aec1d60a
- Size
  
  346KB
- MD5
  
  061428120269762bf4162575820ab0b2
- SHA1
  
  19d23ef983b108d9a94baa1f59a14d8f5e19fbc3
- SHA256
  
  e1aecd084a53ba33aecd53caeb211478b383ca8a8f013432b098dcb1aec1d60a
- SHA512
  
  7f5a51d648f88b2047107cc1a53ddcba9a8f4e2d027207473ac75a2ad516ee93d5518d147e176370ad4edc7e04ad69ebbfdd0c2e486114f673be49339c2ed4a0
- SSDEEP
  
  6144:nhzFlexKc484oO8593S2k5NZHnn/5k6c+D4:BF/c4n2LSlNZH/5kF+D4
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2