bb75d889712ea5690c7214cedbc96cf0201c743abd88b357b606ccedb80d70b3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb75d889712ea5690c7214cedbc96cf0201c743abd88b357b606ccedb80d70b3
Size

363KB
Sample

221206-q4kacada87
MD5

3e1e738044669d8859363af76a61a70d
SHA1

05fe380e80bb34c9866406fb6d95303a0fe7356c
SHA256

bb75d889712ea5690c7214cedbc96cf0201c743abd88b357b606ccedb80d70b3
SHA512

2b61dc1f9a350cd909622cba08e3875a3af4a67a149b9a7c3dc9216a2c1fe0c301269bc26fd3947f247705fd1a52992f5ead939194c0bc0cf15c38edb87376b8
SSDEEP

6144:6G1gs+OvrXMGus67ThaWOPCTUYeKyq/N098UmLq98OLg3ZPIW/QnaOhzN3n75:hLcGt63OqTkV92OSZPxfeZL

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  bb75d889712ea5690c7214cedbc96cf0201c743abd88b357b606ccedb80d70b3
- Size
  
  363KB
- MD5
  
  3e1e738044669d8859363af76a61a70d
- SHA1
  
  05fe380e80bb34c9866406fb6d95303a0fe7356c
- SHA256
  
  bb75d889712ea5690c7214cedbc96cf0201c743abd88b357b606ccedb80d70b3
- SHA512
  
  2b61dc1f9a350cd909622cba08e3875a3af4a67a149b9a7c3dc9216a2c1fe0c301269bc26fd3947f247705fd1a52992f5ead939194c0bc0cf15c38edb87376b8
- SSDEEP
  
  6144:6G1gs+OvrXMGus67ThaWOPCTUYeKyq/N098UmLq98OLg3ZPIW/QnaOhzN3n75:hLcGt63OqTkV92OSZPxfeZL
Score

7^/10

persistence
- Loads dropped DLL
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2