17e7aa11283dddc5a20b17829aa27c8dd324b48b460ec7041ec8baaa712b2b8c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Easy_Malicious_0701fa6937e2174db273842841121dcaf8fc5231dc067c5b97b62de9b5eae7ce.exe
Size

1.1MB
Sample

230807-tabynafh72
MD5

9252afd7fcf35aa700e124a81bcfc1dc
SHA1

6e9eb1b1419033896f0f66437fb0d633c3a2d29a
SHA256

17e7aa11283dddc5a20b17829aa27c8dd324b48b460ec7041ec8baaa712b2b8c
SHA512

430adb692158d95f953af32adc99ebe6b18eb6b372ae3e94073b406f0d54287bb0812111be159720779969f2e4d38e55cf55ae7c25cd5f547e6be55de69b86e2
SSDEEP

24576:51bdeLEmijnqfNsuByMjX3bomFXaD2mWzVHUELRCvM1W+GeXkV3y2aEA:5+LFiUH0s3bJXYdWhHUSRCv9fVfbA

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  Easy_Malicious_0701fa6937e2174db273842841121dcaf8fc5231dc067c5b97b62de9b5eae7ce.exe
- Size
  
  1.1MB
- MD5
  
  9252afd7fcf35aa700e124a81bcfc1dc
- SHA1
  
  6e9eb1b1419033896f0f66437fb0d633c3a2d29a
- SHA256
  
  17e7aa11283dddc5a20b17829aa27c8dd324b48b460ec7041ec8baaa712b2b8c
- SHA512
  
  430adb692158d95f953af32adc99ebe6b18eb6b372ae3e94073b406f0d54287bb0812111be159720779969f2e4d38e55cf55ae7c25cd5f547e6be55de69b86e2
- SSDEEP
  
  24576:51bdeLEmijnqfNsuByMjX3bomFXaD2mWzVHUELRCvM1W+GeXkV3y2aEA:5+LFiUH0s3bJXYdWhHUSRCv9fVfbA
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2