98562e3bf8ef51b9b5224fba4ae4fb9ce4ebb63a2500422392bb566903e66f29 | Triage

Sharing

General

Target

98562e3bf8ef51b9b5224fba4ae4fb9ce4ebb63a2500422392bb566903e66f29
Size

71KB
Sample

240522-ebxt7aba77
MD5

84bd901dff672073a8ace609028d5d68
SHA1

6795085004cb54ef0b364202dd46e8828ac7bd30
SHA256

98562e3bf8ef51b9b5224fba4ae4fb9ce4ebb63a2500422392bb566903e66f29
SHA512

cb24a5747c46408f89be8831bd99d1600b93e1104a70d0083ec015a96042ad8c4db02ae6e149a97b4f14a54450f9a71c3ae4781417f132edf7c89c1f0744c026
SSDEEP

1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8X:Olg35GTslA5t3/w8X

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  98562e3bf8ef51b9b5224fba4ae4fb9ce4ebb63a2500422392bb566903e66f29
- Size
  
  71KB
- MD5
  
  84bd901dff672073a8ace609028d5d68
- SHA1
  
  6795085004cb54ef0b364202dd46e8828ac7bd30
- SHA256
  
  98562e3bf8ef51b9b5224fba4ae4fb9ce4ebb63a2500422392bb566903e66f29
- SHA512
  
  cb24a5747c46408f89be8831bd99d1600b93e1104a70d0083ec015a96042ad8c4db02ae6e149a97b4f14a54450f9a71c3ae4781417f132edf7c89c1f0744c026
- SSDEEP
  
  1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8X:Olg35GTslA5t3/w8X
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Modifies Installed Components in the registry
  persistence
- Sets file execution options in registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan