666b0b7e9edeff1b8108445b1ddee2cc276493dc6dc6647976128004c0e34392 | Triage

Sharing

General

Target

Easy_Malicious_027319932d356ce2c296be8804c5b7cb8a4368818a23d458abfc7e56a855c1ee.exe
Size

1.5MB
Sample

230807-s89f5shb8w
MD5

6cddfd03fb817967f690639e121a6be2
SHA1

3e6b494eac556cde0376156dbd256994a0d6a004
SHA256

666b0b7e9edeff1b8108445b1ddee2cc276493dc6dc6647976128004c0e34392
SHA512

fbc8c22291f100cbbaf18bf7ebeab78247473a7544842a10283c148390aad486efa33b5a3a053fa29ec18432636ffb82f5e2581de1ccb101af79b9ac84fa3dc3
SSDEEP

49152:V+1SNZJljmIScAgWHcxUtAUYURnJMyKY2aB5BE3:scNZJJmMlI8URnJMwpU

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  Easy_Malicious_027319932d356ce2c296be8804c5b7cb8a4368818a23d458abfc7e56a855c1ee.exe
- Size
  
  1.5MB
- MD5
  
  6cddfd03fb817967f690639e121a6be2
- SHA1
  
  3e6b494eac556cde0376156dbd256994a0d6a004
- SHA256
  
  666b0b7e9edeff1b8108445b1ddee2cc276493dc6dc6647976128004c0e34392
- SHA512
  
  fbc8c22291f100cbbaf18bf7ebeab78247473a7544842a10283c148390aad486efa33b5a3a053fa29ec18432636ffb82f5e2581de1ccb101af79b9ac84fa3dc3
- SSDEEP
  
  49152:V+1SNZJljmIScAgWHcxUtAUYURnJMyKY2aB5BE3:scNZJJmMlI8URnJMwpU
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2