c8d720612e33704b360d41d623010187cc29b0cc7a9809120a0d7306d3cd22db | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8d720612e33704b360d41d623010187cc29b0cc7a9809120a0d7306d3cd22db
Size

171KB
Sample

221206-xpvwvsgh71
MD5

8c0c2527086d57172e75292a150450a6
SHA1

f3170ee5b296f561281a33a38b9e24aafbb95e81
SHA256

c8d720612e33704b360d41d623010187cc29b0cc7a9809120a0d7306d3cd22db
SHA512

47fbb9dbbaaac04b356bc7c7104c07e90a3bbd32bbc0832c1b8698fa02ca1aea193736894870a94431ced569a597db29da9afb307f4f70800b9344302f0c1905
SSDEEP

3072:Nd1t3qieZu1jDv+pbceOedNvviYK7JLZGIyNpEcVkOGMnIfCG7os0j71:/1tAc1B0NvviYK7JLZGDpEBOGsIfCG7

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  c8d720612e33704b360d41d623010187cc29b0cc7a9809120a0d7306d3cd22db
- Size
  
  171KB
- MD5
  
  8c0c2527086d57172e75292a150450a6
- SHA1
  
  f3170ee5b296f561281a33a38b9e24aafbb95e81
- SHA256
  
  c8d720612e33704b360d41d623010187cc29b0cc7a9809120a0d7306d3cd22db
- SHA512
  
  47fbb9dbbaaac04b356bc7c7104c07e90a3bbd32bbc0832c1b8698fa02ca1aea193736894870a94431ced569a597db29da9afb307f4f70800b9344302f0c1905
- SSDEEP
  
  3072:Nd1t3qieZu1jDv+pbceOedNvviYK7JLZGIyNpEcVkOGMnIfCG7os0j71:/1tAc1B0NvviYK7JLZGDpEBOGsIfCG7
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2