03cd3adc49fa627ce42b49b6ebc46c09781050ea9420668de6496d9e0604f98f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03cd3adc49fa627ce42b49b6ebc46c09781050ea9420668de6496d9e0604f98f
Size

569KB
Sample

221206-1vfwnsgc44
MD5

d2faceb3f4961e2d26cb738832528785
SHA1

2cb0ce48f0d40940db50c3b0d01d96e428186cb2
SHA256

03cd3adc49fa627ce42b49b6ebc46c09781050ea9420668de6496d9e0604f98f
SHA512

1cc892c34ac4d777c649cfbba63d94b4a24abe94af18c1e905c8cb2d9bd53c09336f15f3fa90b87949545188ad9032adb9610759685a99f9d133b78ef977b347
SSDEEP

12288:51bEvIqTA9EpJOZN+jAUgkInnhulu38dOvJO9tEvddfU7GDB8dkx:51bEvIu3AwghuMuHIdBU7KB8dkx

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  03cd3adc49fa627ce42b49b6ebc46c09781050ea9420668de6496d9e0604f98f
- Size
  
  569KB
- MD5
  
  d2faceb3f4961e2d26cb738832528785
- SHA1
  
  2cb0ce48f0d40940db50c3b0d01d96e428186cb2
- SHA256
  
  03cd3adc49fa627ce42b49b6ebc46c09781050ea9420668de6496d9e0604f98f
- SHA512
  
  1cc892c34ac4d777c649cfbba63d94b4a24abe94af18c1e905c8cb2d9bd53c09336f15f3fa90b87949545188ad9032adb9610759685a99f9d133b78ef977b347
- SSDEEP
  
  12288:51bEvIqTA9EpJOZN+jAUgkInnhulu38dOvJO9tEvddfU7GDB8dkx:51bEvIu3AwghuMuHIdBU7KB8dkx
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2