d91d842ca63f9a74ce1f49147e041d729af9e4775a4b1f18e7779a5f2dbe6b81 | Triage

Sharing

General

Target

d91d842ca63f9a74ce1f49147e041d729af9e4775a4b1f18e7779a5f2dbe6b81
Size

105KB
Sample

201031-nynf2vkv46
MD5

f41ca96be6bfbd75c033a11c13f1de64
SHA1

abc54df72498ba115a02d0a5fce7a404ca3ae8d9
SHA256

d91d842ca63f9a74ce1f49147e041d729af9e4775a4b1f18e7779a5f2dbe6b81
SHA512

191aa2a4b67435d918cb42463ce2f662568b2c09b3099203260915853177e63de8a36883bf8a2ea15b7ff13b6188377c064d26eb3499868001b08583a6888468

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  d91d842ca63f9a74ce1f49147e041d729af9e4775a4b1f18e7779a5f2dbe6b81
- Size
  
  105KB
- MD5
  
  f41ca96be6bfbd75c033a11c13f1de64
- SHA1
  
  abc54df72498ba115a02d0a5fce7a404ca3ae8d9
- SHA256
  
  d91d842ca63f9a74ce1f49147e041d729af9e4775a4b1f18e7779a5f2dbe6b81
- SHA512
  
  191aa2a4b67435d918cb42463ce2f662568b2c09b3099203260915853177e63de8a36883bf8a2ea15b7ff13b6188377c064d26eb3499868001b08583a6888468
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2