6bc0d0292242de6b00ec7ea6a78b00c8ca764b1f605ed49f864ba2e916ec9262 | Triage

Sharing

General

Target

6bc0d0292242de6b00ec7ea6a78b00c8ca764b1f605ed49f864ba2e916ec9262
Size

65KB
Sample

200920-3mqnfpt2ys
MD5

9998fdf06c91184c9269fd16ce6a4a8c
SHA1

2d94aa824c39cf20973daccdbf069fb6bffcc36a
SHA256

6bc0d0292242de6b00ec7ea6a78b00c8ca764b1f605ed49f864ba2e916ec9262
SHA512

c1236f9db35f6d41a1250d2091fecc4e1b350d60c9de495b02f6a03877acab5e11279ccd4cd8eb3a27f740ddae83b6b3062b2d25e0d9252d9dbd79aba065fa98

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  6bc0d0292242de6b00ec7ea6a78b00c8ca764b1f605ed49f864ba2e916ec9262
- Size
  
  65KB
- MD5
  
  9998fdf06c91184c9269fd16ce6a4a8c
- SHA1
  
  2d94aa824c39cf20973daccdbf069fb6bffcc36a
- SHA256
  
  6bc0d0292242de6b00ec7ea6a78b00c8ca764b1f605ed49f864ba2e916ec9262
- SHA512
  
  c1236f9db35f6d41a1250d2091fecc4e1b350d60c9de495b02f6a03877acab5e11279ccd4cd8eb3a27f740ddae83b6b3062b2d25e0d9252d9dbd79aba065fa98
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2