979a1198a7b03fb17cb68cad02c033378187286f40042845812796e7eb0e8839 | Triage

Sharing

General

Target

979a1198a7b03fb17cb68cad02c033378187286f40042845812796e7eb0e8839
Size

361KB
Sample

221204-m2arcafh7z
MD5

43f065eaf202d1a60ec909f04d545a74
SHA1

860b8d14f11b12e75bfb3d4eca0f3775fb6f75a4
SHA256

979a1198a7b03fb17cb68cad02c033378187286f40042845812796e7eb0e8839
SHA512

0c3e222edfe7bf64c400ab7d8c2152d1b86ebf553d74c796d2e2143e0e4aac36e2b032648067a0bd8ae6dd9d24954c13a7c1b378c8405fd1bfd038650846fb19
SSDEEP

6144:HG/IQQ3wGTjqSB+7V0RnoHUQiAZSyBATNTKkOYtKvdYPQn5sXv+xRU/QFv5wiLv/:MQjFB+v0QNvBkTKkHUdYPQn5s/+Cav5l

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  979a1198a7b03fb17cb68cad02c033378187286f40042845812796e7eb0e8839
- Size
  
  361KB
- MD5
  
  43f065eaf202d1a60ec909f04d545a74
- SHA1
  
  860b8d14f11b12e75bfb3d4eca0f3775fb6f75a4
- SHA256
  
  979a1198a7b03fb17cb68cad02c033378187286f40042845812796e7eb0e8839
- SHA512
  
  0c3e222edfe7bf64c400ab7d8c2152d1b86ebf553d74c796d2e2143e0e4aac36e2b032648067a0bd8ae6dd9d24954c13a7c1b378c8405fd1bfd038650846fb19
- SSDEEP
  
  6144:HG/IQQ3wGTjqSB+7V0RnoHUQiAZSyBATNTKkOYtKvdYPQn5sXv+xRU/QFv5wiLv/:MQjFB+v0QNvBkTKkHUdYPQn5s/+Cav5l
Score

7^/10

persistence
- Loads dropped DLL
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2