cf6e8aa5f113368c904bad8326891e388c902d20353e6ddaceebf4bba52ea54f | Triage

Sharing

General

Target

cf6e8aa5f113368c904bad8326891e388c902d20353e6ddaceebf4bba52ea54f
Size

10.9MB
Sample

221206-hzrjvsea94
MD5

673a56913f6332d9ebde88284a5e4698
SHA1

34603afe31e1bfca52116b409d05737ed991ff1d
SHA256

cf6e8aa5f113368c904bad8326891e388c902d20353e6ddaceebf4bba52ea54f
SHA512

311f6290418a530a2d69393d7af60e9b71e41f2eb5ceddfd456cd25df7ab0fe6c638ee5c01f7360c1606ae278f7433f3daab630f2bfaed89c299bc3e5d7e40ea
SSDEEP

192:c2/2VgqKGxmQtAy2dNQOa099GfsvYgmhT9zHJxhlQtAwimP1oyG+Ra:c2/vg0xlGHjRNvQtAjQ14+

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  cf6e8aa5f113368c904bad8326891e388c902d20353e6ddaceebf4bba52ea54f
- Size
  
  10.9MB
- MD5
  
  673a56913f6332d9ebde88284a5e4698
- SHA1
  
  34603afe31e1bfca52116b409d05737ed991ff1d
- SHA256
  
  cf6e8aa5f113368c904bad8326891e388c902d20353e6ddaceebf4bba52ea54f
- SHA512
  
  311f6290418a530a2d69393d7af60e9b71e41f2eb5ceddfd456cd25df7ab0fe6c638ee5c01f7360c1606ae278f7433f3daab630f2bfaed89c299bc3e5d7e40ea
- SSDEEP
  
  192:c2/2VgqKGxmQtAy2dNQOa099GfsvYgmhT9zHJxhlQtAwimP1oyG+Ra:c2/vg0xlGHjRNvQtAjQ14+
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2