feccf5bed3395461d036a172640b8a608306ed5df382e191ff50487c70be044c | Triage

Sharing

General

Target

feccf5bed3395461d036a172640b8a608306ed5df382e191ff50487c70be044c
Size

931KB
Sample

221205-t12l1afh92
MD5

e7936cd99e9560a22589e64b3c8691fb
SHA1

d74f460f3d08db951c2e12ccf12ebe32ab6972d7
SHA256

feccf5bed3395461d036a172640b8a608306ed5df382e191ff50487c70be044c
SHA512

44278281b25657209f772f2ddd6f27796569d34d4c9f740d4c87e48c1f06cee0bead9cfe665564a0cb4a5ccc586cc14fe6d58ddd01040fd92f858ae477f35e46
SSDEEP

12288:O6V3hTmlsPN1m3/apZ/8BgKB5KEJxJY2ADlreKvMYe5MwWEhxwG+IxygVq7+F7uI:dV3BmSy/apy4qzYH5eK6HPw9xg4i7e6n

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  feccf5bed3395461d036a172640b8a608306ed5df382e191ff50487c70be044c
- Size
  
  931KB
- MD5
  
  e7936cd99e9560a22589e64b3c8691fb
- SHA1
  
  d74f460f3d08db951c2e12ccf12ebe32ab6972d7
- SHA256
  
  feccf5bed3395461d036a172640b8a608306ed5df382e191ff50487c70be044c
- SHA512
  
  44278281b25657209f772f2ddd6f27796569d34d4c9f740d4c87e48c1f06cee0bead9cfe665564a0cb4a5ccc586cc14fe6d58ddd01040fd92f858ae477f35e46
- SSDEEP
  
  12288:O6V3hTmlsPN1m3/apZ/8BgKB5KEJxJY2ADlreKvMYe5MwWEhxwG+IxygVq7+F7uI:dV3BmSy/apy4qzYH5eK6HPw9xg4i7e6n
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2