kronos | 1c2d21587eb949fe719ae9499e42381d4250a0be5c770ea707a362afdd171936 | Triage

Sharing

General

Target

1c2d21587eb949fe719ae9499e42381d4250a0be5c770ea707a362afdd171936
Size

275KB
Sample

221127-2h24tahe4v
MD5

d891cbbaf7fd229445a507bd8407fd96
SHA1

535501fbe60ff96890f46b1e2321c9bd0d25c4aa
SHA256

1c2d21587eb949fe719ae9499e42381d4250a0be5c770ea707a362afdd171936
SHA512

86de8aa1da926d1b50cf329dfbbf0d67bf033e73323421c399c80c502cd3e1f92091864c14f9e5bc14f89db9cbe85cd8c0ec7896c3c581b40d4efd09b9631d35
SSDEEP

6144:JBgedih3DLc2g4DEqXqAUTBqd/20dkMzTL7AQ05lmtLrD6LrD6deOHNHXE/Nn719:JSedyzLc8EqeTsdOHf7QlvrT6O2Bqnuq

Score

10^/10

kronos banker botnet persistence

Malware Config

Targets

- Target
  
  1c2d21587eb949fe719ae9499e42381d4250a0be5c770ea707a362afdd171936
- Size
  
  275KB
- MD5
  
  d891cbbaf7fd229445a507bd8407fd96
- SHA1
  
  535501fbe60ff96890f46b1e2321c9bd0d25c4aa
- SHA256
  
  1c2d21587eb949fe719ae9499e42381d4250a0be5c770ea707a362afdd171936
- SHA512
  
  86de8aa1da926d1b50cf329dfbbf0d67bf033e73323421c399c80c502cd3e1f92091864c14f9e5bc14f89db9cbe85cd8c0ec7896c3c581b40d4efd09b9631d35
- SSDEEP
  
  6144:JBgedih3DLc2g4DEqXqAUTBqd/20dkMzTL7AQ05lmtLrD6LrD6deOHNHXE/Nn719:JSedyzLc8EqeTsdOHf7QlvrT6O2Bqnuq
Score

10^/10

kronos banker botnet persistence
- Kronos
  banker botnet kronos
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

kronosbankerbotnetpersistence

behavioral2

kronosbankerbotnetpersistence