b5282bc2f203cd2c52e68e4146f6a0869c0646f4d7d10d3a3d5a8139feb8ce14 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b5282bc2f203cd2c52e68e4146f6a0869c0646f4d7d10d3a3d5a8139feb8ce14
Size

279KB
Sample

221203-hp3jdade78
MD5

4fad4f5b8981fc8ce938a2a666186fb2
SHA1

023b4db6dee8e7f064a76f44c6621622e6bd8c3a
SHA256

b5282bc2f203cd2c52e68e4146f6a0869c0646f4d7d10d3a3d5a8139feb8ce14
SHA512

88523dd52b97c35c43e3d36cbb223dcbea9126a77294691d49f5d2049341f3b0cac870993e707b88555fd76644abfc58a4a3b9cab505a88fd44a6574ed27e64f
SSDEEP

6144:p5G5C8o9gj50cQlu9aleGQvQxXTphYVmtg4yTC9aKHega:pYU8igt0f6a6v+httgnTCPB

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  b5282bc2f203cd2c52e68e4146f6a0869c0646f4d7d10d3a3d5a8139feb8ce14
- Size
  
  279KB
- MD5
  
  4fad4f5b8981fc8ce938a2a666186fb2
- SHA1
  
  023b4db6dee8e7f064a76f44c6621622e6bd8c3a
- SHA256
  
  b5282bc2f203cd2c52e68e4146f6a0869c0646f4d7d10d3a3d5a8139feb8ce14
- SHA512
  
  88523dd52b97c35c43e3d36cbb223dcbea9126a77294691d49f5d2049341f3b0cac870993e707b88555fd76644abfc58a4a3b9cab505a88fd44a6574ed27e64f
- SSDEEP
  
  6144:p5G5C8o9gj50cQlu9aleGQvQxXTphYVmtg4yTC9aKHega:pYU8igt0f6a6v+httgnTCPB
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2