acfb18b67c6b0773e4b330fd392e0400ac8f33d59825a81cb2ff59ed1e983e77 | Triage

Sharing

General

Target

acfb18b67c6b0773e4b330fd392e0400ac8f33d59825a81cb2ff59ed1e983e77
Size

71KB
Sample

240523-b75ccshd89
MD5

c7057413eee356b86dfa3df7ef95b0cc
SHA1

62b789cec6c70491ad98a6f6aa04a4c662d43c15
SHA256

acfb18b67c6b0773e4b330fd392e0400ac8f33d59825a81cb2ff59ed1e983e77
SHA512

f05ae8d51a10787afec9ca32e6fb82b217ab2148e912a28669e0faa184b9577cccc00fcb7e9f68d37d3c463158c0dfe4358f18d652f519ab85c72bb5aaeb8a6c
SSDEEP

1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8slD:Olg35GTslA5t3/w8k

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  acfb18b67c6b0773e4b330fd392e0400ac8f33d59825a81cb2ff59ed1e983e77
- Size
  
  71KB
- MD5
  
  c7057413eee356b86dfa3df7ef95b0cc
- SHA1
  
  62b789cec6c70491ad98a6f6aa04a4c662d43c15
- SHA256
  
  acfb18b67c6b0773e4b330fd392e0400ac8f33d59825a81cb2ff59ed1e983e77
- SHA512
  
  f05ae8d51a10787afec9ca32e6fb82b217ab2148e912a28669e0faa184b9577cccc00fcb7e9f68d37d3c463158c0dfe4358f18d652f519ab85c72bb5aaeb8a6c
- SSDEEP
  
  1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8slD:Olg35GTslA5t3/w8k
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Modifies Installed Components in the registry
  persistence
- Sets file execution options in registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan