bba172f141c2583adab6942cd09cbb81bb119c512c579134fdf2d90e41b3905e | Triage

Sharing

General

Target

crypted_lc (2).exe
Size

421KB
Sample

220924-m6ntrsceck
MD5

708fdb6ad813c75aaecf2d846985b76d
SHA1

0bbe66c7e49513d76c91475c7a813dc3a20b94ed
SHA256

bba172f141c2583adab6942cd09cbb81bb119c512c579134fdf2d90e41b3905e
SHA512

9891d8d26a4aa48c01f1ea6d47797e228c7d25a5077c92308327b9edd337bb317e6e8c727741d6729e968e5f35ddbab5bd739c08aab92056aa59048932db90d8
SSDEEP

6144:dpdDwwL69eUVWS0W4hDgdVm3289pnp3TMQ1YlSYB/RRrdU1Kolh2vCu8W:f2wLqVxwDgzN8LpD6K3QaW

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  crypted_lc (2).exe
- Size
  
  421KB
- MD5
  
  708fdb6ad813c75aaecf2d846985b76d
- SHA1
  
  0bbe66c7e49513d76c91475c7a813dc3a20b94ed
- SHA256
  
  bba172f141c2583adab6942cd09cbb81bb119c512c579134fdf2d90e41b3905e
- SHA512
  
  9891d8d26a4aa48c01f1ea6d47797e228c7d25a5077c92308327b9edd337bb317e6e8c727741d6729e968e5f35ddbab5bd739c08aab92056aa59048932db90d8
- SSDEEP
  
  6144:dpdDwwL69eUVWS0W4hDgdVm3289pnp3TMQ1YlSYB/RRrdU1Kolh2vCu8W:f2wLqVxwDgzN8LpD6K3QaW
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1