c3836739fd446eb078f406911d94a98bb450dbbc23cdea2ec7f38802911200f3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c3836739fd446eb078f406911d94a98bb450dbbc23cdea2ec7f38802911200f3
Size

236KB
Sample

221203-xkgtfaah9v
MD5

00ef874eeb7710ada8e24a20ba7edae9
SHA1

4fe3a5af8c9338cb72a7e2fb44b1590810865126
SHA256

c3836739fd446eb078f406911d94a98bb450dbbc23cdea2ec7f38802911200f3
SHA512

455a3aa6cae03bcc421f861a5f0030f116708f8155e5e3d3d2d11601bb0178b3c8ab82b1c43cc1d55891dcbadcefcda28eb45cd03c524d26dea6ddb13b8ac5d9
SSDEEP

1536:A5BYt84zIA4F0MbzbozXaRqSF+2zWKwS9svXkXKMgPadoPQh0psJwV:AYt8BdoraghZS2/iKM42om06a

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  c3836739fd446eb078f406911d94a98bb450dbbc23cdea2ec7f38802911200f3
- Size
  
  236KB
- MD5
  
  00ef874eeb7710ada8e24a20ba7edae9
- SHA1
  
  4fe3a5af8c9338cb72a7e2fb44b1590810865126
- SHA256
  
  c3836739fd446eb078f406911d94a98bb450dbbc23cdea2ec7f38802911200f3
- SHA512
  
  455a3aa6cae03bcc421f861a5f0030f116708f8155e5e3d3d2d11601bb0178b3c8ab82b1c43cc1d55891dcbadcefcda28eb45cd03c524d26dea6ddb13b8ac5d9
- SSDEEP
  
  1536:A5BYt84zIA4F0MbzbozXaRqSF+2zWKwS9svXkXKMgPadoPQh0psJwV:AYt8BdoraghZS2/iKM42om06a
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2