c79c6121ef9ffbbcdc4cc90a9b0fdf5deb4595b756aed8e03266a6a12b44def9 | Triage

Sharing

General

Target

c79c6121ef9ffbbcdc4cc90a9b0fdf5deb4595b756aed8e03266a6a12b44def9
Size

304KB
Sample

221201-whdtbsgg6s
MD5

63a9df4359c7838068fecae06ab7a5c5
SHA1

20bde5f0399bc14329ea683cd4f5152190dcd057
SHA256

c79c6121ef9ffbbcdc4cc90a9b0fdf5deb4595b756aed8e03266a6a12b44def9
SHA512

fb6c1fb0903bf981f2a491e75d8e0a7d516ecfa9aab23a90231e19118114073e27d00036248b1f01165f5e99132669f6ce3e2f0dc27bd7c119ce4b344b881d76
SSDEEP

6144:wcXlK4wFuk6c9oBJbszio36UPJnbgH0eJu8o2q5aLEMdM/w:RXlK3x96Z613JtgPJo2q8AM2/w

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  c79c6121ef9ffbbcdc4cc90a9b0fdf5deb4595b756aed8e03266a6a12b44def9
- Size
  
  304KB
- MD5
  
  63a9df4359c7838068fecae06ab7a5c5
- SHA1
  
  20bde5f0399bc14329ea683cd4f5152190dcd057
- SHA256
  
  c79c6121ef9ffbbcdc4cc90a9b0fdf5deb4595b756aed8e03266a6a12b44def9
- SHA512
  
  fb6c1fb0903bf981f2a491e75d8e0a7d516ecfa9aab23a90231e19118114073e27d00036248b1f01165f5e99132669f6ce3e2f0dc27bd7c119ce4b344b881d76
- SSDEEP
  
  6144:wcXlK4wFuk6c9oBJbszio36UPJnbgH0eJu8o2q5aLEMdM/w:RXlK3x96Z613JtgPJo2q8AM2/w
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2