fa5220ec2ccd87e2c3d104354b0ae7b0ad12193f2ae1a00b5def323b35665537 | Triage

Sharing

General

Target

fa5220ec2ccd87e2c3d104354b0ae7b0ad12193f2ae1a00b5def323b35665537
Size

288KB
Sample

221203-c2wcyabb7s
MD5

70955c6d019b1861e0e5011f82ed5ded
SHA1

5265345b4354416d311003e27ffe52e385efc022
SHA256

fa5220ec2ccd87e2c3d104354b0ae7b0ad12193f2ae1a00b5def323b35665537
SHA512

b2633d8c3d2aaeca63ba4960541e82a96ad96d12614690173278a1869e653d328f24d62e81d5c63639928802b88add2d5cce4cdfe9d9c80f1a4e80cd229bca1d
SSDEEP

6144:Zlr6yDU7fqP/f0LETIOfrlYc5gTTArVR32GOuMMTrzuWeR7PP7EEPMW:9DqyXcLdWrll5gTT82ITrzpoPjR

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  fa5220ec2ccd87e2c3d104354b0ae7b0ad12193f2ae1a00b5def323b35665537
- Size
  
  288KB
- MD5
  
  70955c6d019b1861e0e5011f82ed5ded
- SHA1
  
  5265345b4354416d311003e27ffe52e385efc022
- SHA256
  
  fa5220ec2ccd87e2c3d104354b0ae7b0ad12193f2ae1a00b5def323b35665537
- SHA512
  
  b2633d8c3d2aaeca63ba4960541e82a96ad96d12614690173278a1869e653d328f24d62e81d5c63639928802b88add2d5cce4cdfe9d9c80f1a4e80cd229bca1d
- SSDEEP
  
  6144:Zlr6yDU7fqP/f0LETIOfrlYc5gTTArVR32GOuMMTrzuWeR7PP7EEPMW:9DqyXcLdWrll5gTT82ITrzpoPjR
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2