abf2fb21621c31d349078b286c787bd069d70fb591f8817bf76b89b6b95cabdc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

abf2fb21621c31d349078b286c787bd069d70fb591f8817bf76b89b6b95cabdc
Size

96KB
Sample

221202-2g1jlabb36
MD5

32aff54749d060b3cb09d0495b757507
SHA1

cf264cddab7f2475698df32390f354d6311d54c4
SHA256

abf2fb21621c31d349078b286c787bd069d70fb591f8817bf76b89b6b95cabdc
SHA512

9604635aea88424800eb9032664aa272f9586ac577adc447234f962821677a4539cc0c52c5c48c161669892e18909d97977e8c0985b00a406526d8ce344f5b71
SSDEEP

1536:GR1+aJe1mgawzxsBub8PC1jIHxATVGjJKDZieF8vHf5hTuCjIHxATVG9+aJe1mgS:GR1+aJe1mgawzxsBub861jIHxowFKQ3O

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  abf2fb21621c31d349078b286c787bd069d70fb591f8817bf76b89b6b95cabdc
- Size
  
  96KB
- MD5
  
  32aff54749d060b3cb09d0495b757507
- SHA1
  
  cf264cddab7f2475698df32390f354d6311d54c4
- SHA256
  
  abf2fb21621c31d349078b286c787bd069d70fb591f8817bf76b89b6b95cabdc
- SHA512
  
  9604635aea88424800eb9032664aa272f9586ac577adc447234f962821677a4539cc0c52c5c48c161669892e18909d97977e8c0985b00a406526d8ce344f5b71
- SSDEEP
  
  1536:GR1+aJe1mgawzxsBub8PC1jIHxATVGjJKDZieF8vHf5hTuCjIHxATVG9+aJe1mgS:GR1+aJe1mgawzxsBub861jIHxowFKQ3O
Score

10^/10

evasion persistence
- Modifies WinLogon for persistence
  persistence
- Disables Task Manager via registry modification
  evasion
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence