c0c7feb52fb0ed7677e0155d2188ee3545e3a6b75b1841c9593a6c7df3478f21 | Triage

Sharing

General

Target

c0c7feb52fb0ed7677e0155d2188ee3545e3a6b75b1841c9593a6c7df3478f21
Size

36KB
Sample

221206-jj2wbsba6w
MD5

5b13cee792e7423f5701502f305be662
SHA1

adbc66931e5a7df8e1f7d79c25f220d7f9cfff4f
SHA256

c0c7feb52fb0ed7677e0155d2188ee3545e3a6b75b1841c9593a6c7df3478f21
SHA512

84f20723b4ff9da2ecaef9f60920766c612c14bc5266eb98f96c857abc68514eb88c95c4a825d4fc268cc49883da25762f3ea7a1be61cb217d2185e2200b0108
SSDEEP

768:tImtkZduLaB8pn2ll5BIHI3DqkJ6JWhZahsXxeCTNWtk:tImtTL32ll5BwI3DfJ6JOdu

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  c0c7feb52fb0ed7677e0155d2188ee3545e3a6b75b1841c9593a6c7df3478f21
- Size
  
  36KB
- MD5
  
  5b13cee792e7423f5701502f305be662
- SHA1
  
  adbc66931e5a7df8e1f7d79c25f220d7f9cfff4f
- SHA256
  
  c0c7feb52fb0ed7677e0155d2188ee3545e3a6b75b1841c9593a6c7df3478f21
- SHA512
  
  84f20723b4ff9da2ecaef9f60920766c612c14bc5266eb98f96c857abc68514eb88c95c4a825d4fc268cc49883da25762f3ea7a1be61cb217d2185e2200b0108
- SSDEEP
  
  768:tImtkZduLaB8pn2ll5BIHI3DqkJ6JWhZahsXxeCTNWtk:tImtTL32ll5BwI3DfJ6JOdu
Score

10^/10

evasion persistence
- Modifies WinLogon for persistence
  persistence
- Modifies firewall policy service
  evasion
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence