cddc77ad07fb6326663655c68b835446a8ba38e307105085e1fea62b203c589d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cddc77ad07fb6326663655c68b835446a8ba38e307105085e1fea62b203c589d
Size

340KB
Sample

221206-bbtkzsfg9x
MD5

69f398e4816a22ad73b331ed2b1a4499
SHA1

fe54f48f6fddc7ad47113fa4961c4590619c6602
SHA256

cddc77ad07fb6326663655c68b835446a8ba38e307105085e1fea62b203c589d
SHA512

22158a864adaec8e63560d2b6032083685a36f15c44eea20904c03e5dc5a9ea486b414b5fa9dfcfcdccccb5f763e1786fe7a469dc42b4482d984336d8e93f43f
SSDEEP

3072:GvRBC37ZuegYTfc+mr+NJ1biezhNuJFIejQlP+oPj7IApQk:AR8LZZgYLcQT1biez7ufdslP9JG

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  cddc77ad07fb6326663655c68b835446a8ba38e307105085e1fea62b203c589d
- Size
  
  340KB
- MD5
  
  69f398e4816a22ad73b331ed2b1a4499
- SHA1
  
  fe54f48f6fddc7ad47113fa4961c4590619c6602
- SHA256
  
  cddc77ad07fb6326663655c68b835446a8ba38e307105085e1fea62b203c589d
- SHA512
  
  22158a864adaec8e63560d2b6032083685a36f15c44eea20904c03e5dc5a9ea486b414b5fa9dfcfcdccccb5f763e1786fe7a469dc42b4482d984336d8e93f43f
- SSDEEP
  
  3072:GvRBC37ZuegYTfc+mr+NJ1biezhNuJFIejQlP+oPj7IApQk:AR8LZZgYLcQT1biez7ufdslP9JG
Score

10^/10

evasion persistence
- Modifies WinLogon for persistence
  persistence
- Modifies visibility of file extensions in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence