c6ddb66642b3a3fe0116bb6a7524639c9d29f5118c1daeae6cd678ba677fbecc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

014bc24c9c4a1fd6f378d8cfded3f0d6
Size

51KB
Sample

231229-xt65pabfh8
MD5

014bc24c9c4a1fd6f378d8cfded3f0d6
SHA1

557d12cc8fc24d7aa813e6d55303da18ce0bd1df
SHA256

c6ddb66642b3a3fe0116bb6a7524639c9d29f5118c1daeae6cd678ba677fbecc
SHA512

321ec9efa702960cb625ea9ebe1fa60a790d35feaa46141586b837d951d905f16cda03746b345d9caf60608758b3a3f0d80b5df42651b4a29152736fdfc231c2
SSDEEP

1536:8XUwS0k8JP2iq1CpIhX2U9VDAh8aQt6vVc7QDSv:zwS0JP2Z1SIFNDrtYwQDSv

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  014bc24c9c4a1fd6f378d8cfded3f0d6
- Size
  
  51KB
- MD5
  
  014bc24c9c4a1fd6f378d8cfded3f0d6
- SHA1
  
  557d12cc8fc24d7aa813e6d55303da18ce0bd1df
- SHA256
  
  c6ddb66642b3a3fe0116bb6a7524639c9d29f5118c1daeae6cd678ba677fbecc
- SHA512
  
  321ec9efa702960cb625ea9ebe1fa60a790d35feaa46141586b837d951d905f16cda03746b345d9caf60608758b3a3f0d80b5df42651b4a29152736fdfc231c2
- SSDEEP
  
  1536:8XUwS0k8JP2iq1CpIhX2U9VDAh8aQt6vVc7QDSv:zwS0JP2Z1SIFNDrtYwQDSv
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2