b0486f70c8a4d086617fe54a81f8c2ddecfc4c57311d8c1b9190397eccb6c9bf | Triage

Sharing

General

Target

b0486f70c8a4d086617fe54a81f8c2ddecfc4c57311d8c1b9190397eccb6c9bf
Size

321KB
Sample

221203-smflyabe84
MD5

00bfc15b5527777f676022553d8a4fd6
SHA1

cf71f0be3d4f39df06a1e592354546e6fb0327b8
SHA256

b0486f70c8a4d086617fe54a81f8c2ddecfc4c57311d8c1b9190397eccb6c9bf
SHA512

40b83b00d2277e349419900c4f4ddcb62b4193b8d2c3ccb1f529185ce22cc5286a8306b2c1a63b629d586333ebe2fbe3be685dfd90fce72d0118268595b00e0a
SSDEEP

6144:MTFvhumXZoYt+8wBGUErC36rFd8ya010nvhrTugoYtGg92Iv:GhuG+Tw06rFd8c10nUgoKdz

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  b0486f70c8a4d086617fe54a81f8c2ddecfc4c57311d8c1b9190397eccb6c9bf
- Size
  
  321KB
- MD5
  
  00bfc15b5527777f676022553d8a4fd6
- SHA1
  
  cf71f0be3d4f39df06a1e592354546e6fb0327b8
- SHA256
  
  b0486f70c8a4d086617fe54a81f8c2ddecfc4c57311d8c1b9190397eccb6c9bf
- SHA512
  
  40b83b00d2277e349419900c4f4ddcb62b4193b8d2c3ccb1f529185ce22cc5286a8306b2c1a63b629d586333ebe2fbe3be685dfd90fce72d0118268595b00e0a
- SSDEEP
  
  6144:MTFvhumXZoYt+8wBGUErC36rFd8ya010nvhrTugoYtGg92Iv:GhuG+Tw06rFd8c10nUgoKdz
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2