7bdc9232b71c3aaaee483526abe3b2b633136cdedefbb514f335b96e426971ee | Triage

Sharing

General

Target

7bdc9232b71c3aaaee483526abe3b2b633136cdedefbb514f335b96e426971ee
Size

68KB
Sample

240522-3kt2nadd46
MD5

27729fa2a75c8d953c3742976957cb5b
SHA1

7869c34b67d7c855317e96295773dec024fe7a3a
SHA256

7bdc9232b71c3aaaee483526abe3b2b633136cdedefbb514f335b96e426971ee
SHA512

a53b082ae16c06dc9fbd633a2bc46dab8a37ab6729d296620fa51c9f9d27ba8c72c50d3b4a4078e9b7e8b45d99770ae7fdd98578c0971cf4ca5b9ec5b9d79b56
SSDEEP

1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8u:Olg35GTslA5t3/w8u

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  7bdc9232b71c3aaaee483526abe3b2b633136cdedefbb514f335b96e426971ee
- Size
  
  68KB
- MD5
  
  27729fa2a75c8d953c3742976957cb5b
- SHA1
  
  7869c34b67d7c855317e96295773dec024fe7a3a
- SHA256
  
  7bdc9232b71c3aaaee483526abe3b2b633136cdedefbb514f335b96e426971ee
- SHA512
  
  a53b082ae16c06dc9fbd633a2bc46dab8a37ab6729d296620fa51c9f9d27ba8c72c50d3b4a4078e9b7e8b45d99770ae7fdd98578c0971cf4ca5b9ec5b9d79b56
- SSDEEP
  
  1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8u:Olg35GTslA5t3/w8u
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Modifies Installed Components in the registry
  persistence
- Sets file execution options in registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan