753db79559ea037ab3444a572c8610e3114c424d2e5aeee64998ba879c05d74e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Easy_Malicious_24186a0f1e0b80610f919e6ff9fc6f432a8f5739b5828cbf12ef5520b32ee566.exe
Size

1.6MB
Sample

230807-thjngaga59
MD5

98e1aa54d57c39b9c83b508937aca117
SHA1

611774eea557e0ec4712814656e01c4ec2437484
SHA256

753db79559ea037ab3444a572c8610e3114c424d2e5aeee64998ba879c05d74e
SHA512

e3eb0de985ddb241478075a943192b0856b04020055620928ff6e0f162023c478a733917cd7893e20462cf2522638844e1eba47aee4bf7f39a3cd41db997ba42
SSDEEP

49152:9fgBncC4sjN7dYMDxy7XnTnZKEtNbENHTUJ:Nmn4sjN7m57XjEcNbyi

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  Easy_Malicious_24186a0f1e0b80610f919e6ff9fc6f432a8f5739b5828cbf12ef5520b32ee566.exe
- Size
  
  1.6MB
- MD5
  
  98e1aa54d57c39b9c83b508937aca117
- SHA1
  
  611774eea557e0ec4712814656e01c4ec2437484
- SHA256
  
  753db79559ea037ab3444a572c8610e3114c424d2e5aeee64998ba879c05d74e
- SHA512
  
  e3eb0de985ddb241478075a943192b0856b04020055620928ff6e0f162023c478a733917cd7893e20462cf2522638844e1eba47aee4bf7f39a3cd41db997ba42
- SSDEEP
  
  49152:9fgBncC4sjN7dYMDxy7XnTnZKEtNbENHTUJ:Nmn4sjN7m57XjEcNbyi
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2