bd3553c4061c9a8482f236090371a5bac949db98eaaad0190665020372ef81a8 | Triage

Sharing

General

Target

bd3553c4061c9a8482f236090371a5bac949db98eaaad0190665020372ef81a8
Size

327KB
Sample

221203-rhlfysbe8s
MD5

62dae689b3b349310f5211e5d0ef821c
SHA1

bc199b00f95c4996ac9187876f55558e92c00ee8
SHA256

bd3553c4061c9a8482f236090371a5bac949db98eaaad0190665020372ef81a8
SHA512

71cca697c7d7b3691c1213eecfde0a37738e4f9734f3d6820a0799783f830ed58e26c5764212d80aba160cf60a1b56b5b912957f683396ac9866f6747900cd92
SSDEEP

6144:1ZSMmlht5MWW3IBoTv5l92+bPnonxV3pT0x5jXvN2vw/c3XRu7:1ZKMTIWVuNnxVR07XvNz/cR4

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  bd3553c4061c9a8482f236090371a5bac949db98eaaad0190665020372ef81a8
- Size
  
  327KB
- MD5
  
  62dae689b3b349310f5211e5d0ef821c
- SHA1
  
  bc199b00f95c4996ac9187876f55558e92c00ee8
- SHA256
  
  bd3553c4061c9a8482f236090371a5bac949db98eaaad0190665020372ef81a8
- SHA512
  
  71cca697c7d7b3691c1213eecfde0a37738e4f9734f3d6820a0799783f830ed58e26c5764212d80aba160cf60a1b56b5b912957f683396ac9866f6747900cd92
- SSDEEP
  
  6144:1ZSMmlht5MWW3IBoTv5l92+bPnonxV3pT0x5jXvN2vw/c3XRu7:1ZKMTIWVuNnxVR07XvNz/cR4
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2