f850d632c87e450df35e768522697bf8da37e3a2674acdd5810452c884dc87b3 | Triage

Sharing

General

Target

f850d632c87e450df35e768522697bf8da37e3a2674acdd5810452c884dc87b3
Size

36KB
Sample

221206-tac6qabf65
MD5

a300dc8d756dd0cb863ae0c486f424e9
SHA1

d30b2ce11016659344a74955d933d405d7a7ad66
SHA256

f850d632c87e450df35e768522697bf8da37e3a2674acdd5810452c884dc87b3
SHA512

f49679820355d89946f6a63193281a127dccb2f1a4eab7fda0168dea2f9fefdce7a7acd189ce053c7fa7305e8ce0849cbc53dcc72596ae913c385f87a52d397b
SSDEEP

768:sUXfmTR6v/x9VINA9gEQPAhZTIDQ5sHS34:sUvmTgv/SNAEFS34

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  f850d632c87e450df35e768522697bf8da37e3a2674acdd5810452c884dc87b3
- Size
  
  36KB
- MD5
  
  a300dc8d756dd0cb863ae0c486f424e9
- SHA1
  
  d30b2ce11016659344a74955d933d405d7a7ad66
- SHA256
  
  f850d632c87e450df35e768522697bf8da37e3a2674acdd5810452c884dc87b3
- SHA512
  
  f49679820355d89946f6a63193281a127dccb2f1a4eab7fda0168dea2f9fefdce7a7acd189ce053c7fa7305e8ce0849cbc53dcc72596ae913c385f87a52d397b
- SSDEEP
  
  768:sUXfmTR6v/x9VINA9gEQPAhZTIDQ5sHS34:sUvmTgv/SNAEFS34
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2