da7b89405619f51e04ded0c653dacf98f533ed218698e5208550eb74e55d69bc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

da7b89405619f51e04ded0c653dacf98f533ed218698e5208550eb74e55d69bc
Size

482KB
Sample

221206-tn9rvach52
MD5

3e17e381e7592c0d03e8882ac8c253b4
SHA1

d53c03b94ec270e001068b998e2f39aabcf4021b
SHA256

da7b89405619f51e04ded0c653dacf98f533ed218698e5208550eb74e55d69bc
SHA512

1f7867a33d6b619650e216b5bc36427838c17568aac3a0f1fa0b862893eb763ec0c50ab537dd47fb39db9cf71145003503884e0c9e1d614231339fc2f6543757
SSDEEP

6144:Z/0qTn9J4LmDuvayK1GqzhnOxf6SSfSEmJBXGHZ8Z:6qTn9umDuvavHhy6lfCBWHZC

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  da7b89405619f51e04ded0c653dacf98f533ed218698e5208550eb74e55d69bc
- Size
  
  482KB
- MD5
  
  3e17e381e7592c0d03e8882ac8c253b4
- SHA1
  
  d53c03b94ec270e001068b998e2f39aabcf4021b
- SHA256
  
  da7b89405619f51e04ded0c653dacf98f533ed218698e5208550eb74e55d69bc
- SHA512
  
  1f7867a33d6b619650e216b5bc36427838c17568aac3a0f1fa0b862893eb763ec0c50ab537dd47fb39db9cf71145003503884e0c9e1d614231339fc2f6543757
- SSDEEP
  
  6144:Z/0qTn9J4LmDuvayK1GqzhnOxf6SSfSEmJBXGHZ8Z:6qTn9umDuvavHhy6lfCBWHZC
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2