a767c89d46df974f3bff84a84e0db3d863022ccd0a8d38cc37c8ab1ca05f8737 | Triage

Sharing

General

Target

a767c89d46df974f3bff84a84e0db3d863022ccd0a8d38cc37c8ab1ca05f8737
Size

76KB
Sample

201031-4zh1adkh1n
MD5

d8d965ffc132a90a5190a169c4195a12
SHA1

5e6e1442f0d3e65bb66c835c1fd13f07d8be8447
SHA256

a767c89d46df974f3bff84a84e0db3d863022ccd0a8d38cc37c8ab1ca05f8737
SHA512

3dbab1d416cf602788eaf1a56e9a062592da6d75148cb3bddeae773eb3a41cdb2ac5af3a82ff8d5715accb1447cdc1f047679340eea7954b30609dc579cf7539

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  a767c89d46df974f3bff84a84e0db3d863022ccd0a8d38cc37c8ab1ca05f8737
- Size
  
  76KB
- MD5
  
  d8d965ffc132a90a5190a169c4195a12
- SHA1
  
  5e6e1442f0d3e65bb66c835c1fd13f07d8be8447
- SHA256
  
  a767c89d46df974f3bff84a84e0db3d863022ccd0a8d38cc37c8ab1ca05f8737
- SHA512
  
  3dbab1d416cf602788eaf1a56e9a062592da6d75148cb3bddeae773eb3a41cdb2ac5af3a82ff8d5715accb1447cdc1f047679340eea7954b30609dc579cf7539
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2