628840e9471f4e1b4826783d62e20838ba6727664b13e97e08332d76b2d618d8 | Triage

Sharing

General

Target

easyMalicious06198374cc20.exe
Size

1.3MB
Sample

230704-tnj67afb65
MD5

047cd2e851fade333973d92e05e33973
SHA1

7f39b8dda007364f68bb14fedf398083199a373a
SHA256

628840e9471f4e1b4826783d62e20838ba6727664b13e97e08332d76b2d618d8
SHA512

0e25ca4c5ce2c42a3fd65ba51b3e16ff974018068f9cb99264399b171d672265c8ede889fd957c4a94a1d647e3d47cc6468ff3b0e97c79fb75b2423f738476ee
SSDEEP

24576:c1bNN6kFkea882XW29JIPCT07QilPvQ5zoGAri0dcpqjqVGhLYlg2cm:cZ6wkea882XW0A40XVvqoGArXdTjqoqT

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  easyMalicious06198374cc20.exe
- Size
  
  1.3MB
- MD5
  
  047cd2e851fade333973d92e05e33973
- SHA1
  
  7f39b8dda007364f68bb14fedf398083199a373a
- SHA256
  
  628840e9471f4e1b4826783d62e20838ba6727664b13e97e08332d76b2d618d8
- SHA512
  
  0e25ca4c5ce2c42a3fd65ba51b3e16ff974018068f9cb99264399b171d672265c8ede889fd957c4a94a1d647e3d47cc6468ff3b0e97c79fb75b2423f738476ee
- SSDEEP
  
  24576:c1bNN6kFkea882XW29JIPCT07QilPvQ5zoGAri0dcpqjqVGhLYlg2cm:cZ6wkea882XW0A40XVvqoGArXdTjqoqT
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2