def44fd29b389b1c2d21396f2b67dd076dca47a87ca776c45cd382f20f9adef3 | Triage

Sharing

General

Target

def44fd29b389b1c2d21396f2b67dd076dca47a87ca776c45cd382f20f9adef3
Size

304KB
Sample

221203-d8444abg46
MD5

041cd7da115145bcfe357547b41d4190
SHA1

bece96431a866d4922a90af9442416c28ae6334d
SHA256

def44fd29b389b1c2d21396f2b67dd076dca47a87ca776c45cd382f20f9adef3
SHA512

ce30f26c7423972fa9f3a73aa5879a8ef757f0a069aeeb69018e670b4ec921b8c90173379759614acbc9df1de077bfc02de46d3e89e6edbe1ec3b9b6b536bfcd
SSDEEP

6144:BIbpKanRqQRQWgHZLUFdezO8B8gtdb8wdOyrCJX9NVI6wy3+xDCL:BIbpZnEWQWqAUZB8gJqJtc6j3+xDCL

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  def44fd29b389b1c2d21396f2b67dd076dca47a87ca776c45cd382f20f9adef3
- Size
  
  304KB
- MD5
  
  041cd7da115145bcfe357547b41d4190
- SHA1
  
  bece96431a866d4922a90af9442416c28ae6334d
- SHA256
  
  def44fd29b389b1c2d21396f2b67dd076dca47a87ca776c45cd382f20f9adef3
- SHA512
  
  ce30f26c7423972fa9f3a73aa5879a8ef757f0a069aeeb69018e670b4ec921b8c90173379759614acbc9df1de077bfc02de46d3e89e6edbe1ec3b9b6b536bfcd
- SSDEEP
  
  6144:BIbpKanRqQRQWgHZLUFdezO8B8gtdb8wdOyrCJX9NVI6wy3+xDCL:BIbpZnEWQWqAUZB8gJqJtc6j3+xDCL
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2