652f9885a4f1a014b2069802e7a1c12e4e5edc8e151cc224353ec0dfe2539757 | Triage

Sharing

General

Target

Easy_Malicious_19b7801aed31202fcd10ca433183f3da58705692fa4a24891a7647bcbcae2c82.exe
Size

1.6MB
Sample

230807-tejt3aga32
MD5

6fe737d00c160959849266f353a3ceff
SHA1

e93b31551c9523643176a7acf37e5daa10aab87d
SHA256

652f9885a4f1a014b2069802e7a1c12e4e5edc8e151cc224353ec0dfe2539757
SHA512

ec424b1779365e714b029fed76739c783590d6ab7c76b2fd94efd776cbdd5812f49f77f1bb75b44df592877f50ff52ddf5f7474cb5b84406969668a32265af59
SSDEEP

24576:91blo5iU7SIk/7VPW7d9PqpQUuyn5mIbzf6NL1UIfv0il29Dj2ZjsaoBBz:9ot7K9Wxzyn5+N6uvXM4I

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  Easy_Malicious_19b7801aed31202fcd10ca433183f3da58705692fa4a24891a7647bcbcae2c82.exe
- Size
  
  1.6MB
- MD5
  
  6fe737d00c160959849266f353a3ceff
- SHA1
  
  e93b31551c9523643176a7acf37e5daa10aab87d
- SHA256
  
  652f9885a4f1a014b2069802e7a1c12e4e5edc8e151cc224353ec0dfe2539757
- SHA512
  
  ec424b1779365e714b029fed76739c783590d6ab7c76b2fd94efd776cbdd5812f49f77f1bb75b44df592877f50ff52ddf5f7474cb5b84406969668a32265af59
- SSDEEP
  
  24576:91blo5iU7SIk/7VPW7d9PqpQUuyn5mIbzf6NL1UIfv0il29Dj2ZjsaoBBz:9ot7K9Wxzyn5+N6uvXM4I
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2