1283285b7d4791bacfcbd29c8d579785b75a636d1e1866d8219600a353bb8973 | Triage

Sharing

General

Target

1283285b7d4791bacfcbd29c8d579785b75a636d1e1866d8219600a353bb8973
Size

72KB
Sample

200816-wanx7z71ss
MD5

052ccfcaf3c8f4008d8cdd8c473c879c
SHA1

87d7f7484426a11b75b56e5057df507593cead93
SHA256

1283285b7d4791bacfcbd29c8d579785b75a636d1e1866d8219600a353bb8973
SHA512

d989bbb902658873cdaae07271235f6801010960aac9be6237096274ef38b9a34d374e6534c57e5fc94837857c92f689cf05df397ee43fb50e3fdb9fb63cc398

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  1283285b7d4791bacfcbd29c8d579785b75a636d1e1866d8219600a353bb8973
- Size
  
  72KB
- MD5
  
  052ccfcaf3c8f4008d8cdd8c473c879c
- SHA1
  
  87d7f7484426a11b75b56e5057df507593cead93
- SHA256
  
  1283285b7d4791bacfcbd29c8d579785b75a636d1e1866d8219600a353bb8973
- SHA512
  
  d989bbb902658873cdaae07271235f6801010960aac9be6237096274ef38b9a34d374e6534c57e5fc94837857c92f689cf05df397ee43fb50e3fdb9fb63cc398
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2