e690872a1b641b35e0600813ba76b36e67dd4f342dfe2bf0448dd97d5260f3f7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e690872a1b641b35e0600813ba76b36e67dd4f342dfe2bf0448dd97d5260f3f7
Size

319KB
Sample

221203-plnpdade7v
MD5

cf4fb5f72a1b40a3d396410a334a2b54
SHA1

183a50a6488b07a06f3636bb7c6e9e824c8bc17a
SHA256

e690872a1b641b35e0600813ba76b36e67dd4f342dfe2bf0448dd97d5260f3f7
SHA512

a6d6c28c6d3c0115d7415df0cb2487f8cf68b6f361c3671c590e6e735382f9da423a7ce1a571a3897032f36bec392fb952d8ad34cdb124160301f28e9b1fd119
SSDEEP

3072:mIy9QIyzrl9WaLPN7N/JFAnoIBXxlJDDg4r4a8qFdFb7E:mFAl9Wa1lARBXxlJn4YFdFf

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  e690872a1b641b35e0600813ba76b36e67dd4f342dfe2bf0448dd97d5260f3f7
- Size
  
  319KB
- MD5
  
  cf4fb5f72a1b40a3d396410a334a2b54
- SHA1
  
  183a50a6488b07a06f3636bb7c6e9e824c8bc17a
- SHA256
  
  e690872a1b641b35e0600813ba76b36e67dd4f342dfe2bf0448dd97d5260f3f7
- SHA512
  
  a6d6c28c6d3c0115d7415df0cb2487f8cf68b6f361c3671c590e6e735382f9da423a7ce1a571a3897032f36bec392fb952d8ad34cdb124160301f28e9b1fd119
- SSDEEP
  
  3072:mIy9QIyzrl9WaLPN7N/JFAnoIBXxlJDDg4r4a8qFdFb7E:mFAl9Wa1lARBXxlJn4YFdFf
Score

10^/10

evasion persistence
- Modifies WinLogon for persistence
  persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence