bf503fdb9344b22c8e067e71fb5c33bbcd2f3807305a1690a808045943ed65ca | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf503fdb9344b22c8e067e71fb5c33bbcd2f3807305a1690a808045943ed65ca
Size

294KB
Sample

221203-gqfwbsaf63
MD5

50ce560b3e5b86da15cc8be873468bc6
SHA1

4f2e3c770dedf9005eb34765983d4b255a746060
SHA256

bf503fdb9344b22c8e067e71fb5c33bbcd2f3807305a1690a808045943ed65ca
SHA512

c13045ef7a2c4560e4af181c2028a59039b834a929ff32e9472e5bd98584ebb60b9a4086f8cfb01f5234fa4b6460b1fc83889ad8f5d95c0f7182a44fec49bbc1
SSDEEP

6144:zpQCd1au9KZBXD7Bp3A4JwQzVKINYtYpeRrBaS8dt:zpQyau9KbfBpw3QzVKINI/r8S8d

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  bf503fdb9344b22c8e067e71fb5c33bbcd2f3807305a1690a808045943ed65ca
- Size
  
  294KB
- MD5
  
  50ce560b3e5b86da15cc8be873468bc6
- SHA1
  
  4f2e3c770dedf9005eb34765983d4b255a746060
- SHA256
  
  bf503fdb9344b22c8e067e71fb5c33bbcd2f3807305a1690a808045943ed65ca
- SHA512
  
  c13045ef7a2c4560e4af181c2028a59039b834a929ff32e9472e5bd98584ebb60b9a4086f8cfb01f5234fa4b6460b1fc83889ad8f5d95c0f7182a44fec49bbc1
- SSDEEP
  
  6144:zpQCd1au9KZBXD7Bp3A4JwQzVKINYtYpeRrBaS8dt:zpQyau9KbfBpw3QzVKINI/r8S8d
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2