168b183e4e964395b70b7f540673f85026455458a1adff54e40d56c77b49ad92 | Triage

Sharing

General

Target

168b183e4e964395b70b7f540673f85026455458a1adff54e40d56c77b49ad92.exe
Size

211KB
Sample

240522-eb489sbb8w
MD5

002cd40d89af9998c7c428ba43d1ee00
SHA1

a29a26db429dddcf4d5c4bc56589848e8e9896ea
SHA256

168b183e4e964395b70b7f540673f85026455458a1adff54e40d56c77b49ad92
SHA512

f84eb5fd58fdc3882dd918957ee2604cb12127480d0ae8095ca1e47c14b3e498ff3a33951c75db4824ab577a1d46a680f1bc8364524cfd601985bdb9dc15c127
SSDEEP

6144:UmKVGe1XIpQiU/ma3MB8hH2Tkp6bYnWcZVol0N5TzQ3:O71YpQiU/RcO1VQInVob

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  168b183e4e964395b70b7f540673f85026455458a1adff54e40d56c77b49ad92.exe
- Size
  
  211KB
- MD5
  
  002cd40d89af9998c7c428ba43d1ee00
- SHA1
  
  a29a26db429dddcf4d5c4bc56589848e8e9896ea
- SHA256
  
  168b183e4e964395b70b7f540673f85026455458a1adff54e40d56c77b49ad92
- SHA512
  
  f84eb5fd58fdc3882dd918957ee2604cb12127480d0ae8095ca1e47c14b3e498ff3a33951c75db4824ab577a1d46a680f1bc8364524cfd601985bdb9dc15c127
- SSDEEP
  
  6144:UmKVGe1XIpQiU/ma3MB8hH2Tkp6bYnWcZVol0N5TzQ3:O71YpQiU/RcO1VQInVob
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2