66ca41dc74ec8dbf2262d7d2315f34be27829d880537685a46ca20366ee67676 | Triage

Sharing

General

Target

66ca41dc74ec8dbf2262d7d2315f34be27829d880537685a46ca20366ee67676
Size

70KB
Sample

240522-2lbe9sbf6t
MD5

827081eef76d2e7062778e184e4f665e
SHA1

8acbcd830bbe64853df8b04bf4a30296169fea6f
SHA256

66ca41dc74ec8dbf2262d7d2315f34be27829d880537685a46ca20366ee67676
SHA512

f73abe9904af37c709a68b19b27301b8b275b1ec53f37b7255d4058fd7622a1bc3a963fc9483c81bb302bc775def821790076fd333c81a1554d57b26e4fe4051
SSDEEP

1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8/x/:Olg35GTslA5t3/w8p

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  66ca41dc74ec8dbf2262d7d2315f34be27829d880537685a46ca20366ee67676
- Size
  
  70KB
- MD5
  
  827081eef76d2e7062778e184e4f665e
- SHA1
  
  8acbcd830bbe64853df8b04bf4a30296169fea6f
- SHA256
  
  66ca41dc74ec8dbf2262d7d2315f34be27829d880537685a46ca20366ee67676
- SHA512
  
  f73abe9904af37c709a68b19b27301b8b275b1ec53f37b7255d4058fd7622a1bc3a963fc9483c81bb302bc775def821790076fd333c81a1554d57b26e4fe4051
- SSDEEP
  
  1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8/x/:Olg35GTslA5t3/w8p
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Modifies Installed Components in the registry
  persistence
- Sets file execution options in registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan