9816cd09e45d23bcb83e0367bf4abac7ca9fad0bd7cfa8ace827b3f18bd2a70b | Triage

Sharing

General

Target

9816cd09e45d23bcb83e0367bf4abac7ca9fad0bd7cfa8ace827b3f18bd2a70b
Size

259KB
Sample

221205-nv16dsba8y
MD5

b2b218083c76956a3dd40de510b65c27
SHA1

4822b6d15e0c464c0d18790698c7c6234cb474df
SHA256

9816cd09e45d23bcb83e0367bf4abac7ca9fad0bd7cfa8ace827b3f18bd2a70b
SHA512

70a057d0747629c4f186693a85005a20d7a4c8078272dac629e2de5fb36c1f7ab72bc79d8f3f77f757436b83fd012869b769b99e537229182931d48cb5068cdb
SSDEEP

6144:vx9PP90i6dC9i2e3ijBHJ6/gkToLcXKAJEBdW7YXxglx3Jysk+:p9n90i6YivuB8tgeLQaljJk

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  9816cd09e45d23bcb83e0367bf4abac7ca9fad0bd7cfa8ace827b3f18bd2a70b
- Size
  
  259KB
- MD5
  
  b2b218083c76956a3dd40de510b65c27
- SHA1
  
  4822b6d15e0c464c0d18790698c7c6234cb474df
- SHA256
  
  9816cd09e45d23bcb83e0367bf4abac7ca9fad0bd7cfa8ace827b3f18bd2a70b
- SHA512
  
  70a057d0747629c4f186693a85005a20d7a4c8078272dac629e2de5fb36c1f7ab72bc79d8f3f77f757436b83fd012869b769b99e537229182931d48cb5068cdb
- SSDEEP
  
  6144:vx9PP90i6dC9i2e3ijBHJ6/gkToLcXKAJEBdW7YXxglx3Jysk+:p9n90i6YivuB8tgeLQaljJk
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2