8a0397e52be9188cb3aaa6fd717d38fd6f4870ec44ffd064f56e7ed221e63e8f | Triage

Sharing

General

Target

8a0397e52be9188cb3aaa6fd717d38fd6f4870ec44ffd064f56e7ed221e63e8f
Size

70KB
Sample

240522-c6wjhahh8t
MD5

c8138b198fae0c9c5a86ac8b88583a58
SHA1

5b137ebff8024bb6ed5fa927d2a085240b900389
SHA256

8a0397e52be9188cb3aaa6fd717d38fd6f4870ec44ffd064f56e7ed221e63e8f
SHA512

96ca85a74abf09556765228ce38e5dfc547c22cf8f048569726cb0976ab2d3a67c9fea96299d26762d48ca51533f1ba12cd1515db54c215a71ca354a5a53023f
SSDEEP

1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8sl1G:Olg35GTslA5t3/w8r

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  8a0397e52be9188cb3aaa6fd717d38fd6f4870ec44ffd064f56e7ed221e63e8f
- Size
  
  70KB
- MD5
  
  c8138b198fae0c9c5a86ac8b88583a58
- SHA1
  
  5b137ebff8024bb6ed5fa927d2a085240b900389
- SHA256
  
  8a0397e52be9188cb3aaa6fd717d38fd6f4870ec44ffd064f56e7ed221e63e8f
- SHA512
  
  96ca85a74abf09556765228ce38e5dfc547c22cf8f048569726cb0976ab2d3a67c9fea96299d26762d48ca51533f1ba12cd1515db54c215a71ca354a5a53023f
- SSDEEP
  
  1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8sl1G:Olg35GTslA5t3/w8r
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Modifies Installed Components in the registry
  persistence
- Sets file execution options in registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan