c50450a7fd9f4923dbae671fc56529d6d6d2fd49a510024db10f207023e16e0b | Triage

Sharing

General

Target

c50450a7fd9f4923dbae671fc56529d6d6d2fd49a510024db10f207023e16e0b
Size

23.5MB
Sample

221206-jefsasae9s
MD5

cdf35c5dfa8200aaccfb490eaeb2c896
SHA1

18c33cf80afa26a87e7a0ac182947f491cddd0ba
SHA256

c50450a7fd9f4923dbae671fc56529d6d6d2fd49a510024db10f207023e16e0b
SHA512

7a0dd278da43eff827b6228c14724218bbfb7042ad1ae641982bf32786f67d59276b12c5b277c8c6d2a514655afd51bd844a119f6fc18a9a32df0a395ede4f75
SSDEEP

192:c2/2VgqKGxmQtAy2dNQOa099GfsvYgmhT9zHJxhlQtAwimP1oyG+Rab:c2/vg0xlGHjRNvQtAjQ14+2

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  c50450a7fd9f4923dbae671fc56529d6d6d2fd49a510024db10f207023e16e0b
- Size
  
  23.5MB
- MD5
  
  cdf35c5dfa8200aaccfb490eaeb2c896
- SHA1
  
  18c33cf80afa26a87e7a0ac182947f491cddd0ba
- SHA256
  
  c50450a7fd9f4923dbae671fc56529d6d6d2fd49a510024db10f207023e16e0b
- SHA512
  
  7a0dd278da43eff827b6228c14724218bbfb7042ad1ae641982bf32786f67d59276b12c5b277c8c6d2a514655afd51bd844a119f6fc18a9a32df0a395ede4f75
- SSDEEP
  
  192:c2/2VgqKGxmQtAy2dNQOa099GfsvYgmhT9zHJxhlQtAwimP1oyG+Rab:c2/vg0xlGHjRNvQtAjQ14+2
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2