de0066159cc0bbd07bc4a7132604c3ccafbde873588e523b78f89d394906e875 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de0066159cc0bbd07bc4a7132604c3ccafbde873588e523b78f89d394906e875
Size

275KB
Sample

221203-eagftabh46
MD5

46fb5d97619b9006c0539f27d3fbc95c
SHA1

b31dc0e6217edc0f1441320a05a8855afd8766de
SHA256

de0066159cc0bbd07bc4a7132604c3ccafbde873588e523b78f89d394906e875
SHA512

2388c1a6238e7426304173fd1644ad27fc60a425915ad667a201f3aa4a07896e5da1daf798fb214f11db24bd9699707f1dc85154ae3dfcf1da4902d5755bf776
SSDEEP

6144:OMRffS6BEe9NXvl9b/qbuEBVx/W6dGFbCSV1/ZVj/B6YOAgPI:p1uGvldsnBT/jdGbCSDZj67zg

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  de0066159cc0bbd07bc4a7132604c3ccafbde873588e523b78f89d394906e875
- Size
  
  275KB
- MD5
  
  46fb5d97619b9006c0539f27d3fbc95c
- SHA1
  
  b31dc0e6217edc0f1441320a05a8855afd8766de
- SHA256
  
  de0066159cc0bbd07bc4a7132604c3ccafbde873588e523b78f89d394906e875
- SHA512
  
  2388c1a6238e7426304173fd1644ad27fc60a425915ad667a201f3aa4a07896e5da1daf798fb214f11db24bd9699707f1dc85154ae3dfcf1da4902d5755bf776
- SSDEEP
  
  6144:OMRffS6BEe9NXvl9b/qbuEBVx/W6dGFbCSV1/ZVj/B6YOAgPI:p1uGvldsnBT/jdGbCSDZj67zg
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2