c54dccb938b79eec44e9fee6fd7810dfe98905135e5e02c6eaee39889b9d850e | Triage

Sharing

General

Target

c54dccb938b79eec44e9fee6fd7810dfe98905135e5e02c6eaee39889b9d850e
Size

70KB
Sample

240523-day57abb7y
MD5

f1814993078ced5d7f8119e225f6b53d
SHA1

b8e5228026f384cf2a346334adeb7c0f5854e576
SHA256

c54dccb938b79eec44e9fee6fd7810dfe98905135e5e02c6eaee39889b9d850e
SHA512

fbdd1afd9f9a6d595f9817f9f04df3b7b0887e57c8d91f216de1c5c7340ea3025abe2c56e1885afdf36566eca1868ac8ca8a866d3ef3dee1bf40186d2d5bc266
SSDEEP

1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8B:Olg35GTslA5t3/w8B

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  c54dccb938b79eec44e9fee6fd7810dfe98905135e5e02c6eaee39889b9d850e
- Size
  
  70KB
- MD5
  
  f1814993078ced5d7f8119e225f6b53d
- SHA1
  
  b8e5228026f384cf2a346334adeb7c0f5854e576
- SHA256
  
  c54dccb938b79eec44e9fee6fd7810dfe98905135e5e02c6eaee39889b9d850e
- SHA512
  
  fbdd1afd9f9a6d595f9817f9f04df3b7b0887e57c8d91f216de1c5c7340ea3025abe2c56e1885afdf36566eca1868ac8ca8a866d3ef3dee1bf40186d2d5bc266
- SSDEEP
  
  1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8B:Olg35GTslA5t3/w8B
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Modifies Installed Components in the registry
  persistence
- Sets file execution options in registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan