ab995a159e3b2656f1b550fc1d628a8f9ccc842cc5d7b4bfc46d45edd193e9fe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab995a159e3b2656f1b550fc1d628a8f9ccc842cc5d7b4bfc46d45edd193e9fe
Size

1015KB
Sample

221206-xvzr1ahd9z
MD5

85e877c9dc0ab5ea05329a7d1e49bd4a
SHA1

b023176c2e0b10bbbb32916d9581c35b3c048c5e
SHA256

ab995a159e3b2656f1b550fc1d628a8f9ccc842cc5d7b4bfc46d45edd193e9fe
SHA512

75e9e30565067cfe948ad11c9f44a1f31509101d38af2f6a80dd51d09e1e7d05d9ce9bfc4f6c5c5da5e4d84aad45207c1f0048ef7267cae27718a50fcda09513
SSDEEP

24576:q323kJlQR7NwbVq+xIJFugvuCQQlPb6MADm6RIcDyR63U1q:q323kJlQR7NwbVqgZwQWPb/Aa6RvTEY

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  ab995a159e3b2656f1b550fc1d628a8f9ccc842cc5d7b4bfc46d45edd193e9fe
- Size
  
  1015KB
- MD5
  
  85e877c9dc0ab5ea05329a7d1e49bd4a
- SHA1
  
  b023176c2e0b10bbbb32916d9581c35b3c048c5e
- SHA256
  
  ab995a159e3b2656f1b550fc1d628a8f9ccc842cc5d7b4bfc46d45edd193e9fe
- SHA512
  
  75e9e30565067cfe948ad11c9f44a1f31509101d38af2f6a80dd51d09e1e7d05d9ce9bfc4f6c5c5da5e4d84aad45207c1f0048ef7267cae27718a50fcda09513
- SSDEEP
  
  24576:q323kJlQR7NwbVq+xIJFugvuCQQlPb6MADm6RIcDyR63U1q:q323kJlQR7NwbVqgZwQWPb/Aa6RvTEY
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2