e0d308571ae8195ba094ed14dc8a314ab4c82d810a7570eea71937aca94ef146 | Triage

Sharing

General

Target

easyMalicious10f4898f1a44.exe
Size

83KB
Sample

230704-tv7wtsgh9z
MD5

7baa36eb8e56c15508824f6b7a9197ef
SHA1

40a199c7b2cfd9b90550e918eea78751d9f909f9
SHA256

e0d308571ae8195ba094ed14dc8a314ab4c82d810a7570eea71937aca94ef146
SHA512

fe1d007e2cc734cc8e5e35a185be9ef6aa545fd984ff58b6e01c3f1c6145296ec4e727d1de9995861764fbc0691b433e5d63e1839418fb8250486b270b9bb420
SSDEEP

1536:daiqH1s+kCtrA2UMT0mTFibDKa1XElx6+Ty7f:s1B31bdBob2QXqu

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  easyMalicious10f4898f1a44.exe
- Size
  
  83KB
- MD5
  
  7baa36eb8e56c15508824f6b7a9197ef
- SHA1
  
  40a199c7b2cfd9b90550e918eea78751d9f909f9
- SHA256
  
  e0d308571ae8195ba094ed14dc8a314ab4c82d810a7570eea71937aca94ef146
- SHA512
  
  fe1d007e2cc734cc8e5e35a185be9ef6aa545fd984ff58b6e01c3f1c6145296ec4e727d1de9995861764fbc0691b433e5d63e1839418fb8250486b270b9bb420
- SSDEEP
  
  1536:daiqH1s+kCtrA2UMT0mTFibDKa1XElx6+Ty7f:s1B31bdBob2QXqu
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2