070f85666efe87f27656da987dd7d6d62c0d128aa2314177f9a0f04b3e7142d5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

easyMalicious1d6401e68629.exe
Size

353KB
Sample

230704-t6xj8sfe37
MD5

d71693eadeda91175e60b3ba0b25e7c8
SHA1

11a5b0a27e2df9ba18583989537231f3508c9178
SHA256

070f85666efe87f27656da987dd7d6d62c0d128aa2314177f9a0f04b3e7142d5
SHA512

48dd7b96710abff7ae63eec88cef4b426423b062e8afa614196ef784f470e6cdc49a68068a2fe4993f307bfc65f4edc78361432d7bf6d20ae9d98221cc595a3e
SSDEEP

6144:1731bdBaBQK6SImHvFrDZ4G3AXrVstOaqa5AbLezF3nHOpAj8QnpLz33IHhNu8Rl:V1b9toFr5ltzqaoKF3nHemvpzHwN/

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  easyMalicious1d6401e68629.exe
- Size
  
  353KB
- MD5
  
  d71693eadeda91175e60b3ba0b25e7c8
- SHA1
  
  11a5b0a27e2df9ba18583989537231f3508c9178
- SHA256
  
  070f85666efe87f27656da987dd7d6d62c0d128aa2314177f9a0f04b3e7142d5
- SHA512
  
  48dd7b96710abff7ae63eec88cef4b426423b062e8afa614196ef784f470e6cdc49a68068a2fe4993f307bfc65f4edc78361432d7bf6d20ae9d98221cc595a3e
- SSDEEP
  
  6144:1731bdBaBQK6SImHvFrDZ4G3AXrVstOaqa5AbLezF3nHOpAj8QnpLz33IHhNu8Rl:V1b9toFr5ltzqaoKF3nHemvpzHwN/
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2