8cd530a775727320078c315a232d1e189ba916fa68deb39d0e97b863e9b52f0e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Easy_Malicious_2b7bf900a6f5aacd0ffae838ac46ab135f3f1afb24a7a6ce38345f6dfb808eb6.exe
Size

1.6MB
Sample

230807-tk427ahc91
MD5

a289b0f6389af856a19d7e12c044e284
SHA1

9fcf65b98373cd5f3fb78913d5b4c6980309800e
SHA256

8cd530a775727320078c315a232d1e189ba916fa68deb39d0e97b863e9b52f0e
SHA512

86f0d42afe19449c30ee1c89e8db0ad4a4d025211b18d4159d299d7daa6b623d29b44c74671ac0349a91c67a14ff6b88864cdf5d0404adb93758b4180d0f3ded
SSDEEP

24576:V1bekvpM4ilGs1ePp6Ew+g26GzDr3uLQV7UsC8REtiMfgNbGCQESHX69lOlZ:VBQcs1Ilw+gezvkS7x6s92XRZ

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  Easy_Malicious_2b7bf900a6f5aacd0ffae838ac46ab135f3f1afb24a7a6ce38345f6dfb808eb6.exe
- Size
  
  1.6MB
- MD5
  
  a289b0f6389af856a19d7e12c044e284
- SHA1
  
  9fcf65b98373cd5f3fb78913d5b4c6980309800e
- SHA256
  
  8cd530a775727320078c315a232d1e189ba916fa68deb39d0e97b863e9b52f0e
- SHA512
  
  86f0d42afe19449c30ee1c89e8db0ad4a4d025211b18d4159d299d7daa6b623d29b44c74671ac0349a91c67a14ff6b88864cdf5d0404adb93758b4180d0f3ded
- SSDEEP
  
  24576:V1bekvpM4ilGs1ePp6Ew+g26GzDr3uLQV7UsC8REtiMfgNbGCQESHX69lOlZ:VBQcs1Ilw+gezvkS7x6s92XRZ
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2