310c430abd223dcbeb1015567d8a0de6cdb6318486c41e49f0dcd6a1c120607e | Triage

Sharing

General

Target

easy_Malicious_012897e292f12ab76fd9213a3b469e43e9bed4e69ae4b3e543136f7cbaf94920.exe
Size

300KB
Sample

230704-sqa6maee88
MD5

e4ea2ce40bb973f1f92f1dc48cd363d0
SHA1

95e4154c6c564b1faeb72212b9e0140630530b71
SHA256

310c430abd223dcbeb1015567d8a0de6cdb6318486c41e49f0dcd6a1c120607e
SHA512

5978300838f45ba52cf19d281e27b8db36d2e24ff2a1d50c96b745aa0adf0ed2f83913c5a06ba564592b83976fc91d8abcd390c6d6cf6df371e70444e83ab677
SSDEEP

6144:s731bdBaBRd5GSEa62xsXpT8/qYbTsu6a34epdnCqMrQ:u1bgvSa62xsXNHYXsqrh

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  easy_Malicious_012897e292f12ab76fd9213a3b469e43e9bed4e69ae4b3e543136f7cbaf94920.exe
- Size
  
  300KB
- MD5
  
  e4ea2ce40bb973f1f92f1dc48cd363d0
- SHA1
  
  95e4154c6c564b1faeb72212b9e0140630530b71
- SHA256
  
  310c430abd223dcbeb1015567d8a0de6cdb6318486c41e49f0dcd6a1c120607e
- SHA512
  
  5978300838f45ba52cf19d281e27b8db36d2e24ff2a1d50c96b745aa0adf0ed2f83913c5a06ba564592b83976fc91d8abcd390c6d6cf6df371e70444e83ab677
- SSDEEP
  
  6144:s731bdBaBRd5GSEa62xsXpT8/qYbTsu6a34epdnCqMrQ:u1bgvSa62xsXNHYXsqrh
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2