ee3647bc00007a5becff10f1bdae0694115bd55fc0d52a6274316146e1258d67 | Triage

Sharing

General

Target

ee3647bc00007a5becff10f1bdae0694115bd55fc0d52a6274316146e1258d67
Size

98KB
Sample

201018-nt6br42das
MD5

5946eea73e2692f395c1b05f99863a43
SHA1

dfd621d5ff5fe5213284c7a876785dfd75d4018e
SHA256

ee3647bc00007a5becff10f1bdae0694115bd55fc0d52a6274316146e1258d67
SHA512

e1832de1b16ad4aea01044591d93149d1c40dd645a27c3a9f69a926632e8c61d0419107de862abf34f2ba344af9903d95d9ad5a54e58c9f713d4058541dc30e2

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  ee3647bc00007a5becff10f1bdae0694115bd55fc0d52a6274316146e1258d67
- Size
  
  98KB
- MD5
  
  5946eea73e2692f395c1b05f99863a43
- SHA1
  
  dfd621d5ff5fe5213284c7a876785dfd75d4018e
- SHA256
  
  ee3647bc00007a5becff10f1bdae0694115bd55fc0d52a6274316146e1258d67
- SHA512
  
  e1832de1b16ad4aea01044591d93149d1c40dd645a27c3a9f69a926632e8c61d0419107de862abf34f2ba344af9903d95d9ad5a54e58c9f713d4058541dc30e2
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2