34d754bcf0f8295bb65e4e56e5281b0f8440067306b747be4dbdd6c21cc290a1 | Triage

Sharing

General

Target

34d754bcf0f8295bb65e4e56e5281b0f8440067306b747be4dbdd6c21cc290a1.exe
Size

73KB
Sample

240522-zbj9baff66
MD5

18b7533cf929fcb5f60c84b18def4070
SHA1

8ef57bb1191e70a4b8476e4967803650d67736c3
SHA256

34d754bcf0f8295bb65e4e56e5281b0f8440067306b747be4dbdd6c21cc290a1
SHA512

32d92b351fe321d86d05723c5ddafe63aad2b1532ccdccad15ee48efa4a9e46f75db52474d840ce8ea64fdba3aff79d19d23918eba7a829f9b6d0f8a8817c993
SSDEEP

768:x/ngseFPR3dwG0XD0kfLkctfkx1/pbFuWnJWFwnpmkFzCfxUOxrlpZ+pZk7/NQ5z:xfE3dF0XD0CLX2pbP0ue66aC/NQx

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  34d754bcf0f8295bb65e4e56e5281b0f8440067306b747be4dbdd6c21cc290a1.exe
- Size
  
  73KB
- MD5
  
  18b7533cf929fcb5f60c84b18def4070
- SHA1
  
  8ef57bb1191e70a4b8476e4967803650d67736c3
- SHA256
  
  34d754bcf0f8295bb65e4e56e5281b0f8440067306b747be4dbdd6c21cc290a1
- SHA512
  
  32d92b351fe321d86d05723c5ddafe63aad2b1532ccdccad15ee48efa4a9e46f75db52474d840ce8ea64fdba3aff79d19d23918eba7a829f9b6d0f8a8817c993
- SSDEEP
  
  768:x/ngseFPR3dwG0XD0kfLkctfkx1/pbFuWnJWFwnpmkFzCfxUOxrlpZ+pZk7/NQ5z:xfE3dF0XD0CLX2pbP0ue66aC/NQx
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Modifies Installed Components in the registry
  persistence
- Sets file execution options in registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan