725c25d06565147ebe42eac533a552ef434a3a65c038558a409704ad82d37ade | Triage

Sharing

Copy URL Twitter E-mail

General

Target

easy_Malicious_31bcb2ae3b52e8e2dc810253341ed9201c760135e5e17e0c324ab67145801acd.exe
Size

263KB
Sample

230704-sqy8fsef35
MD5

ff27f80d9f64281c8b3761f46da2fee0
SHA1

88651f9aebc8aecfdf5b6bdf2070276ad435bf6d
SHA256

725c25d06565147ebe42eac533a552ef434a3a65c038558a409704ad82d37ade
SHA512

57f9b3f578573fbad8f16e5bc105e1bc6a6baf2e769991a70b58e804fc9fb4425bf3f8c153aa45e374792e8715a0c2cd839af9aa3893cf1bcd7ff79d1d3525e9
SSDEEP

6144:t731bdBaB+UV/7zV/RXq06r81Hvd8Vt12RBw6Z4mHzkaQ6+T8:91bs7JZq0qI2gRBROsRQ6/

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  easy_Malicious_31bcb2ae3b52e8e2dc810253341ed9201c760135e5e17e0c324ab67145801acd.exe
- Size
  
  263KB
- MD5
  
  ff27f80d9f64281c8b3761f46da2fee0
- SHA1
  
  88651f9aebc8aecfdf5b6bdf2070276ad435bf6d
- SHA256
  
  725c25d06565147ebe42eac533a552ef434a3a65c038558a409704ad82d37ade
- SHA512
  
  57f9b3f578573fbad8f16e5bc105e1bc6a6baf2e769991a70b58e804fc9fb4425bf3f8c153aa45e374792e8715a0c2cd839af9aa3893cf1bcd7ff79d1d3525e9
- SSDEEP
  
  6144:t731bdBaB+UV/7zV/RXq06r81Hvd8Vt12RBw6Z4mHzkaQ6+T8:91bs7JZq0qI2gRBROsRQ6/
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2