210d26293e8229cf923499cc2b8c1a249a82c56df82437de78db32e475315401 | Triage

Sharing

General

Target

210d26293e8229cf923499cc2b8c1a249a82c56df82437de78db32e475315401
Size

93KB
Sample

221003-bxmdssccal
MD5

06c5490430c09643bcfdefdd0d4c1a32
SHA1

eae791ae16bdbf7cba916308c9dde467d2c79c2f
SHA256

210d26293e8229cf923499cc2b8c1a249a82c56df82437de78db32e475315401
SHA512

8231ddecc303cf60dc5e2ea5620917a68e656d3fa393fa8c8057ab7b9b9d73b2ad3f0f43e76b935c0a21aa5920a70249d626da862cf8b9f64d91d34e979266ea
SSDEEP

768:ZTpOOOQnTxR4oSZdoRnnLiVjUJtOMIPnPsigOREbGnFkHjbGyrIMWG5ErjS:ZTpOOOu4pZidLYjUJXLiOmF2jbxWGq6

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  210d26293e8229cf923499cc2b8c1a249a82c56df82437de78db32e475315401
- Size
  
  93KB
- MD5
  
  06c5490430c09643bcfdefdd0d4c1a32
- SHA1
  
  eae791ae16bdbf7cba916308c9dde467d2c79c2f
- SHA256
  
  210d26293e8229cf923499cc2b8c1a249a82c56df82437de78db32e475315401
- SHA512
  
  8231ddecc303cf60dc5e2ea5620917a68e656d3fa393fa8c8057ab7b9b9d73b2ad3f0f43e76b935c0a21aa5920a70249d626da862cf8b9f64d91d34e979266ea
- SSDEEP
  
  768:ZTpOOOQnTxR4oSZdoRnnLiVjUJtOMIPnPsigOREbGnFkHjbGyrIMWG5ErjS:ZTpOOOu4pZidLYjUJXLiOmF2jbxWGq6
Score

10^/10

evasion persistence trojan
- Modifies WinLogon for persistence
  persistence
- Deletes itself
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2