19894c28f879502a3e0cac63d29c30acd454f93bd2963e0dea7acbb20f72f5ef | Triage

Sharing

Copy URL Twitter E-mail

General

Target

easy_Malicious_29636b9d95778028c6758c3af7650bca0aa22ee2c03300f320eda38582a8a2b6.exe
Size

906KB
Sample

230704-sf1njafh5y
MD5

52f13b71955b631df4a4d192d1d61213
SHA1

ddd2cc3981dc504e6fd671226426c137a95c53dd
SHA256

19894c28f879502a3e0cac63d29c30acd454f93bd2963e0dea7acbb20f72f5ef
SHA512

2fe05408ad3a835c86e59c2b1c448b6f37573d4c33e84a1b6f846e6e347648fbc0cb35d0e5237ee1b16fc6fea7f4ae5b1a79b10ccdf208309878ea239f2776f8
SSDEEP

12288:c1bOuIRl6dh/gNLDQ3k4qTE/m2VIS0R2zued0Bz8O8b9O8fqqdt1Z7lnc4Xhx:c1bF+6gDQU4FVB0R2ld0BzF8/V1ZHH

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  easy_Malicious_29636b9d95778028c6758c3af7650bca0aa22ee2c03300f320eda38582a8a2b6.exe
- Size
  
  906KB
- MD5
  
  52f13b71955b631df4a4d192d1d61213
- SHA1
  
  ddd2cc3981dc504e6fd671226426c137a95c53dd
- SHA256
  
  19894c28f879502a3e0cac63d29c30acd454f93bd2963e0dea7acbb20f72f5ef
- SHA512
  
  2fe05408ad3a835c86e59c2b1c448b6f37573d4c33e84a1b6f846e6e347648fbc0cb35d0e5237ee1b16fc6fea7f4ae5b1a79b10ccdf208309878ea239f2776f8
- SSDEEP
  
  12288:c1bOuIRl6dh/gNLDQ3k4qTE/m2VIS0R2zued0Bz8O8b9O8fqqdt1Z7lnc4Xhx:c1bF+6gDQU4FVB0R2ld0BzF8/V1ZHH
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2