ac455700a8dc36559b0d70e13baa71bbc083a0f00b4ee370ee28983a28265995 | Triage

Sharing

General

Target

ac455700a8dc36559b0d70e13baa71bbc083a0f00b4ee370ee28983a28265995
Size

70KB
Sample

240523-b6y4yshd39
MD5

ff138fdbc1666a43d3a03ef67e6ce5dd
SHA1

f322f61e9f572d9e9cbc971dbb475bcbd58376c7
SHA256

ac455700a8dc36559b0d70e13baa71bbc083a0f00b4ee370ee28983a28265995
SHA512

c1e23a8aa602b452b9e12eba50293841141069408bd80027163de3fc7496f1d3701bc5f8d5fbfc3e10095f465da779f96c6feb592656ceb354398e30762ff790
SSDEEP

1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8B:Olg35GTslA5t3/w8B

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  ac455700a8dc36559b0d70e13baa71bbc083a0f00b4ee370ee28983a28265995
- Size
  
  70KB
- MD5
  
  ff138fdbc1666a43d3a03ef67e6ce5dd
- SHA1
  
  f322f61e9f572d9e9cbc971dbb475bcbd58376c7
- SHA256
  
  ac455700a8dc36559b0d70e13baa71bbc083a0f00b4ee370ee28983a28265995
- SHA512
  
  c1e23a8aa602b452b9e12eba50293841141069408bd80027163de3fc7496f1d3701bc5f8d5fbfc3e10095f465da779f96c6feb592656ceb354398e30762ff790
- SSDEEP
  
  1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8B:Olg35GTslA5t3/w8B
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Modifies Installed Components in the registry
  persistence
- Sets file execution options in registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan