c0b0e536cdb7525c8daf1d03122a1de8e9e04a9bcf23c71bb605647f312c44e7 | Triage

Sharing

General

Target

c0b0e536cdb7525c8daf1d03122a1de8e9e04a9bcf23c71bb605647f312c44e7
Size

207KB
Sample

221203-q7z5zafc67
MD5

a45a9e3fdf209e35189975fddfd9d6ba
SHA1

38f74b2d5a2f1029846b4e305be03b1bf95fe3b9
SHA256

c0b0e536cdb7525c8daf1d03122a1de8e9e04a9bcf23c71bb605647f312c44e7
SHA512

511c05d974a38fd37aa9dc71950cbc090f0c83c6bda04a4409138e628d88dd168b9558a0095bfb16436814bb3358f6a3343e536331332ed272b818c148d95286
SSDEEP

6144:K6z8LGramydyw4TV7RgPDGPE4UM0+Kqj8nCpiUC9rL:4Gramydyw4BeKPOqj0oiJ

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  c0b0e536cdb7525c8daf1d03122a1de8e9e04a9bcf23c71bb605647f312c44e7
- Size
  
  207KB
- MD5
  
  a45a9e3fdf209e35189975fddfd9d6ba
- SHA1
  
  38f74b2d5a2f1029846b4e305be03b1bf95fe3b9
- SHA256
  
  c0b0e536cdb7525c8daf1d03122a1de8e9e04a9bcf23c71bb605647f312c44e7
- SHA512
  
  511c05d974a38fd37aa9dc71950cbc090f0c83c6bda04a4409138e628d88dd168b9558a0095bfb16436814bb3358f6a3343e536331332ed272b818c148d95286
- SSDEEP
  
  6144:K6z8LGramydyw4TV7RgPDGPE4UM0+Kqj8nCpiUC9rL:4Gramydyw4BeKPOqj0oiJ
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2