858a2649ac51c237e947d7c4d0a25481448b3458a4f26f3c95a16e766c1849b7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

easy_Malicious_1d0aba83ed8e5c1021db82c297ab9950839e3955195bf0f4ac696052cc566a61.exe
Size

1.1MB
Sample

230704-scqddsfg71
MD5

02edf8cc3d5e77375db63b0b046ffc06
SHA1

80e8d8a9f021adf0ced5c52dc6f9505f9558a674
SHA256

858a2649ac51c237e947d7c4d0a25481448b3458a4f26f3c95a16e766c1849b7
SHA512

d2e803181daf5494a1fa06b1191fd5af29997e15b681f4ed368278e522be1e5db2c72dea3c314f01ba96ac4371f2a50a1513923c332c8a31fb3be11fe7874388
SSDEEP

24576:S1bY6Tf7sW7q1qQFIfjPI/8AArjwSbrBPYefUUSBtp3uNxanKdi:SO6vsWk2fj28R3wSnBweeHp388nci

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  easy_Malicious_1d0aba83ed8e5c1021db82c297ab9950839e3955195bf0f4ac696052cc566a61.exe
- Size
  
  1.1MB
- MD5
  
  02edf8cc3d5e77375db63b0b046ffc06
- SHA1
  
  80e8d8a9f021adf0ced5c52dc6f9505f9558a674
- SHA256
  
  858a2649ac51c237e947d7c4d0a25481448b3458a4f26f3c95a16e766c1849b7
- SHA512
  
  d2e803181daf5494a1fa06b1191fd5af29997e15b681f4ed368278e522be1e5db2c72dea3c314f01ba96ac4371f2a50a1513923c332c8a31fb3be11fe7874388
- SSDEEP
  
  24576:S1bY6Tf7sW7q1qQFIfjPI/8AArjwSbrBPYefUUSBtp3uNxanKdi:SO6vsWk2fj28R3wSnBweeHp388nci
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2