15628557ec95cf00fe2ef7cddfd4f2a02dda9a0f960199a88f2e13fb58569706 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

easyMalicious2ebdb39d7c4e.exe
Size

717KB
Sample

230704-vj9fysff95
MD5

3690436987b5c388b3ab1a0cd8676849
SHA1

c5098977d9d72a90f5ff5ad7095323b95865e241
SHA256

15628557ec95cf00fe2ef7cddfd4f2a02dda9a0f960199a88f2e13fb58569706
SHA512

c3ab1306971b538255002caaa2c15cd9bdaeabd93cdae3aa89db09bdf2a074b4527f2d924b6cd29c1cc05f5d0c6bd7ed5e72864d747d32b1a89632700527b8b4
SSDEEP

12288:51bVjsHP8jyFehcnRXC9ADBJbkPgRg3PZj46kToKmX7ksIxOH4NO3itGG:51bV4HP8jwHnRSiDBJsgmp4+XwUOOy1

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  easyMalicious2ebdb39d7c4e.exe
- Size
  
  717KB
- MD5
  
  3690436987b5c388b3ab1a0cd8676849
- SHA1
  
  c5098977d9d72a90f5ff5ad7095323b95865e241
- SHA256
  
  15628557ec95cf00fe2ef7cddfd4f2a02dda9a0f960199a88f2e13fb58569706
- SHA512
  
  c3ab1306971b538255002caaa2c15cd9bdaeabd93cdae3aa89db09bdf2a074b4527f2d924b6cd29c1cc05f5d0c6bd7ed5e72864d747d32b1a89632700527b8b4
- SSDEEP
  
  12288:51bVjsHP8jyFehcnRXC9ADBJbkPgRg3PZj46kToKmX7ksIxOH4NO3itGG:51bV4HP8jwHnRSiDBJsgmp4+XwUOOy1
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2