02bd8c922f3bd613a8f5f89d345499557f0d06f4523db3d0bf70ae3b8edd618e | Triage

Sharing

General

Target

easyMalicious30b2fc025e0a.exe
Size

1.1MB
Sample

230704-vl4y9afg27
MD5

2d0b73343ebfb17bf585e09c3a8d9ec2
SHA1

2a1bb359d7e870d76c6f8d473cb33517786ea28c
SHA256

02bd8c922f3bd613a8f5f89d345499557f0d06f4523db3d0bf70ae3b8edd618e
SHA512

1823aa93046d0058d40bd747aefa18910cf9475a08575cd5a76aa53a36d448aa68af94c5fb2f99fb50f088b5edefb7cff2dc210cd9d54534613afe89004af3ac
SSDEEP

24576:I1bVC3XDWKYi+LSu3bbZVLwf6aw1qW5NHlEgRB2S1PE:IL6qZi+PLFBp4eNugR5S

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  easyMalicious30b2fc025e0a.exe
- Size
  
  1.1MB
- MD5
  
  2d0b73343ebfb17bf585e09c3a8d9ec2
- SHA1
  
  2a1bb359d7e870d76c6f8d473cb33517786ea28c
- SHA256
  
  02bd8c922f3bd613a8f5f89d345499557f0d06f4523db3d0bf70ae3b8edd618e
- SHA512
  
  1823aa93046d0058d40bd747aefa18910cf9475a08575cd5a76aa53a36d448aa68af94c5fb2f99fb50f088b5edefb7cff2dc210cd9d54534613afe89004af3ac
- SSDEEP
  
  24576:I1bVC3XDWKYi+LSu3bbZVLwf6aw1qW5NHlEgRB2S1PE:IL6qZi+PLFBp4eNugR5S
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2