f85de6af9b647618cfe5c4b6c029825e0defa44cab08acda974e8466fc03b458 | Triage

Sharing

General

Target

f85de6af9b647618cfe5c4b6c029825e0defa44cab08acda974e8466fc03b458
Size

368KB
Sample

221205-gdhjdsag49
MD5

0392e35ba57bd2daeb65869029e6be10
SHA1

087e868b00fae2577ff62d688184ab9ae03562ce
SHA256

f85de6af9b647618cfe5c4b6c029825e0defa44cab08acda974e8466fc03b458
SHA512

af96a20a4cd61d5e3aa08809d36685278f1ba0971321a276ab2a66c757a7bc8a35a1516c7acc32cb7ee83ee1124fcfb1710b43abae79df94d0b10c8dd3035450
SSDEEP

6144:5731bdBaBUylz6Xey9ehQ+CNqEc43B3P/EEuY18dNxTu6AfYRtPTh9oDF1SW2:51bDylWeZQ+CkfEJXE/UgTu6jjKF1SW2

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  f85de6af9b647618cfe5c4b6c029825e0defa44cab08acda974e8466fc03b458
- Size
  
  368KB
- MD5
  
  0392e35ba57bd2daeb65869029e6be10
- SHA1
  
  087e868b00fae2577ff62d688184ab9ae03562ce
- SHA256
  
  f85de6af9b647618cfe5c4b6c029825e0defa44cab08acda974e8466fc03b458
- SHA512
  
  af96a20a4cd61d5e3aa08809d36685278f1ba0971321a276ab2a66c757a7bc8a35a1516c7acc32cb7ee83ee1124fcfb1710b43abae79df94d0b10c8dd3035450
- SSDEEP
  
  6144:5731bdBaBUylz6Xey9ehQ+CNqEc43B3P/EEuY18dNxTu6AfYRtPTh9oDF1SW2:51bDylWeZQ+CkfEJXE/UgTu6jjKF1SW2
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2