cd5d0cc016f6e5273c636f09b1d0a635ec11258715539775e88e6e14b29296bb | Triage

Sharing

General

Target

cd5d0cc016f6e5273c636f09b1d0a635ec11258715539775e88e6e14b29296bb
Size

71KB
Sample

221203-c1yfxagb24
MD5

27b0959661c1191f33699f8869b90f20
SHA1

909a09d8473dce461fc0caa388314bf9a8c9c528
SHA256

cd5d0cc016f6e5273c636f09b1d0a635ec11258715539775e88e6e14b29296bb
SHA512

204e4d9a98a23a54016768f47e7ef289709296a57c35e685e6abe3b1219d4367ff37df52e28af32b0c75b3f223d72423e670c205db911078dbc7bd25a674adbc
SSDEEP

1536:rxuNasEiHWRsIki3m2TRhlpNEzf1zwQVgvn:sNFEiHWiILm2TRhlkb1zwLvn

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  cd5d0cc016f6e5273c636f09b1d0a635ec11258715539775e88e6e14b29296bb
- Size
  
  71KB
- MD5
  
  27b0959661c1191f33699f8869b90f20
- SHA1
  
  909a09d8473dce461fc0caa388314bf9a8c9c528
- SHA256
  
  cd5d0cc016f6e5273c636f09b1d0a635ec11258715539775e88e6e14b29296bb
- SHA512
  
  204e4d9a98a23a54016768f47e7ef289709296a57c35e685e6abe3b1219d4367ff37df52e28af32b0c75b3f223d72423e670c205db911078dbc7bd25a674adbc
- SSDEEP
  
  1536:rxuNasEiHWRsIki3m2TRhlpNEzf1zwQVgvn:sNFEiHWiILm2TRhlkb1zwLvn
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2