dd1192f709d11421307f4df188a41f2435093fad6212d42e6e2cedfacce09990 | Triage

Sharing

General

Target

dd1192f709d11421307f4df188a41f2435093fad6212d42e6e2cedfacce09990
Size

1015KB
Sample

221206-xvyvpshd9y
MD5

5100df5574524e488d1cba686c268f44
SHA1

50a6be73f2f3360e0b183ad3206629cb2744f824
SHA256

dd1192f709d11421307f4df188a41f2435093fad6212d42e6e2cedfacce09990
SHA512

128dc7fd9add9f7314d52a7b64c3d4a482ade16662b296a54ddf203128e23d1c57a5e05397337691422f3b0727726c3b50753ea5aa5736781cf2e43ad0f29277
SSDEEP

24576:b04R5+xIJFugvuCQQlPb6MADm6RIcDyR63U1q:b04vgZwQWPb/Aa6RvTEY

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  dd1192f709d11421307f4df188a41f2435093fad6212d42e6e2cedfacce09990
- Size
  
  1015KB
- MD5
  
  5100df5574524e488d1cba686c268f44
- SHA1
  
  50a6be73f2f3360e0b183ad3206629cb2744f824
- SHA256
  
  dd1192f709d11421307f4df188a41f2435093fad6212d42e6e2cedfacce09990
- SHA512
  
  128dc7fd9add9f7314d52a7b64c3d4a482ade16662b296a54ddf203128e23d1c57a5e05397337691422f3b0727726c3b50753ea5aa5736781cf2e43ad0f29277
- SSDEEP
  
  24576:b04R5+xIJFugvuCQQlPb6MADm6RIcDyR63U1q:b04vgZwQWPb/Aa6RvTEY
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2