a66004cf8bde5bf53dc67389023b59a97e32f5c50c8820921bb179cf05e1a94c | Triage

Sharing

General

Target

a66004cf8bde5bf53dc67389023b59a97e32f5c50c8820921bb179cf05e1a94c
Size

74KB
Sample

201108-5zpzwdsfde
MD5

ed69d9bb9335abe981caa682262b20e1
SHA1

51c0e64511317c87d32cfb58a8c12ebf16a27521
SHA256

a66004cf8bde5bf53dc67389023b59a97e32f5c50c8820921bb179cf05e1a94c
SHA512

df51e0d3b1bf24857bc3cc77159f766fbda7c5fa849e939034f942617a1242b412b63a791bab4d0ac386ed79de7c662a8d08400663915829304f34aa04a5141a

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  a66004cf8bde5bf53dc67389023b59a97e32f5c50c8820921bb179cf05e1a94c
- Size
  
  74KB
- MD5
  
  ed69d9bb9335abe981caa682262b20e1
- SHA1
  
  51c0e64511317c87d32cfb58a8c12ebf16a27521
- SHA256
  
  a66004cf8bde5bf53dc67389023b59a97e32f5c50c8820921bb179cf05e1a94c
- SHA512
  
  df51e0d3b1bf24857bc3cc77159f766fbda7c5fa849e939034f942617a1242b412b63a791bab4d0ac386ed79de7c662a8d08400663915829304f34aa04a5141a
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2