76943d48221301ae0397e870babfc7c248d9aebd5497b12830e9551e852dfdfd | Triage

Sharing

General

Target

76943d48221301ae0397e870babfc7c248d9aebd5497b12830e9551e852dfdfd
Size

71KB
Sample

240522-29qj4acg64
MD5

3103fd8a950169dd7e4fa9fbd18be50c
SHA1

b8344d0f3aaa1afcd1aa9595dbe11578d80901b7
SHA256

76943d48221301ae0397e870babfc7c248d9aebd5497b12830e9551e852dfdfd
SHA512

66d639286c332f5d8a44d5d882483ed9acdedc86bb90b780388b9d2b2e89ae24afa3aee1e5e915c2b6b0e1dc6b7d76eb6b13561ae462adaf5c001601cb4d4c0c
SSDEEP

1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8slJv:Olg35GTslA5t3/w8yv

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  76943d48221301ae0397e870babfc7c248d9aebd5497b12830e9551e852dfdfd
- Size
  
  71KB
- MD5
  
  3103fd8a950169dd7e4fa9fbd18be50c
- SHA1
  
  b8344d0f3aaa1afcd1aa9595dbe11578d80901b7
- SHA256
  
  76943d48221301ae0397e870babfc7c248d9aebd5497b12830e9551e852dfdfd
- SHA512
  
  66d639286c332f5d8a44d5d882483ed9acdedc86bb90b780388b9d2b2e89ae24afa3aee1e5e915c2b6b0e1dc6b7d76eb6b13561ae462adaf5c001601cb4d4c0c
- SSDEEP
  
  1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8slJv:Olg35GTslA5t3/w8yv
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Modifies Installed Components in the registry
  persistence
- Sets file execution options in registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan