f6daca44daa22744db69585aaaae78f3b6549fcacc0d67125d5092a0f15a1945 | Triage

Sharing

General

Target

f6daca44daa22744db69585aaaae78f3b6549fcacc0d67125d5092a0f15a1945
Size

274KB
Sample

221203-m6wvdadh55
MD5

e3bf490f08ba1c4169819a74461fc464
SHA1

55d16e7f656251339b570484c8e86c586cd26586
SHA256

f6daca44daa22744db69585aaaae78f3b6549fcacc0d67125d5092a0f15a1945
SHA512

d2ab30ac9a3486cc256a0e9731d346e34a5bee5325e212086a0182e706f592245927c02224fdc9c9651c10eccafdb63f42e7bfb1d8de7900643f8d518fa9bc5c
SSDEEP

6144:3HrnR2l+o+APC1BQLHgXvLIw0uiNNfYSyM2FqRHmZQcoqAkR5:3HMl+dAOQEIwSNfYNM2F5ZZoPkR5

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  f6daca44daa22744db69585aaaae78f3b6549fcacc0d67125d5092a0f15a1945
- Size
  
  274KB
- MD5
  
  e3bf490f08ba1c4169819a74461fc464
- SHA1
  
  55d16e7f656251339b570484c8e86c586cd26586
- SHA256
  
  f6daca44daa22744db69585aaaae78f3b6549fcacc0d67125d5092a0f15a1945
- SHA512
  
  d2ab30ac9a3486cc256a0e9731d346e34a5bee5325e212086a0182e706f592245927c02224fdc9c9651c10eccafdb63f42e7bfb1d8de7900643f8d518fa9bc5c
- SSDEEP
  
  6144:3HrnR2l+o+APC1BQLHgXvLIw0uiNNfYSyM2FqRHmZQcoqAkR5:3HMl+dAOQEIwSNfYNM2F5ZZoPkR5
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2