b2097005e9acb8c20765cd74080713d30175b8a859a1db51b56f3fe4f38fc5c6 | Triage

Sharing

General

Target

b2097005e9acb8c20765cd74080713d30175b8a859a1db51b56f3fe4f38fc5c6
Size

191KB
Sample

201004-c3y6j2sy66
MD5

77b0bb6da287fce8e8e0f7a6cecf19e1
SHA1

979007ae0a74b0d1191ccf035e3ef4c861dded55
SHA256

b2097005e9acb8c20765cd74080713d30175b8a859a1db51b56f3fe4f38fc5c6
SHA512

73f36543994ef369754d290622997270c619d699b420c660744d68f84518ee5dd6c094496e7c0cf11f6cff111e763cbfd827f1fbfe4ccc1273317992f60467a5

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  b2097005e9acb8c20765cd74080713d30175b8a859a1db51b56f3fe4f38fc5c6
- Size
  
  191KB
- MD5
  
  77b0bb6da287fce8e8e0f7a6cecf19e1
- SHA1
  
  979007ae0a74b0d1191ccf035e3ef4c861dded55
- SHA256
  
  b2097005e9acb8c20765cd74080713d30175b8a859a1db51b56f3fe4f38fc5c6
- SHA512
  
  73f36543994ef369754d290622997270c619d699b420c660744d68f84518ee5dd6c094496e7c0cf11f6cff111e763cbfd827f1fbfe4ccc1273317992f60467a5
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2