ce8cce2428427a384c222bb0376f841f87368d88447c9389770bcbbb0337caca | Triage

Sharing

General

Target

ce8cce2428427a384c222bb0376f841f87368d88447c9389770bcbbb0337caca
Size

156KB
Sample

221206-xjhpcadf87
MD5

c394c81cf24a97464fcfc7aa31ce829e
SHA1

3c282e950e995066efc38d5c59da6ef6ce45bd50
SHA256

ce8cce2428427a384c222bb0376f841f87368d88447c9389770bcbbb0337caca
SHA512

5fde6822deb3e00a874a6a2200d3d460dad7cf41e6af506162c4049e7bd3fd087de887cf65a890be83958ea0139124f52781ec5df771a8001fc43a48dcf8bf13
SSDEEP

3072:ubG96fyEgBiMYwxRovRgHp2DLZcxov6XA2UYPHzHZesPRPHY:ubG9HNB/YwAvRC2/ZcSyXA/KZt1HY

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  ce8cce2428427a384c222bb0376f841f87368d88447c9389770bcbbb0337caca
- Size
  
  156KB
- MD5
  
  c394c81cf24a97464fcfc7aa31ce829e
- SHA1
  
  3c282e950e995066efc38d5c59da6ef6ce45bd50
- SHA256
  
  ce8cce2428427a384c222bb0376f841f87368d88447c9389770bcbbb0337caca
- SHA512
  
  5fde6822deb3e00a874a6a2200d3d460dad7cf41e6af506162c4049e7bd3fd087de887cf65a890be83958ea0139124f52781ec5df771a8001fc43a48dcf8bf13
- SSDEEP
  
  3072:ubG96fyEgBiMYwxRovRgHp2DLZcxov6XA2UYPHzHZesPRPHY:ubG9HNB/YwAvRC2/ZcSyXA/KZt1HY
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2