c67a346c6cf5802a82b3b3ef3efaa855101e5955fe29faaf1921e752b455d233 | Triage

Sharing

General

Target

c67a346c6cf5802a82b3b3ef3efaa855101e5955fe29faaf1921e752b455d233
Size

70KB
Sample

240523-dcrtwsbc5x
MD5

7f406fc6a7e4013ea459b251fba48f90
SHA1

3bc33b0508215db65991f2ff0be1dbadcfcba83e
SHA256

c67a346c6cf5802a82b3b3ef3efaa855101e5955fe29faaf1921e752b455d233
SHA512

8dac69c8b72b91512d970e39eaa0fc89fa58fd2bae3b09f91a53d652fc46eed2d7899166fa3664c50a4b762df9ad5d5f0b67798fb36002ec60302bc7ac56187e
SSDEEP

1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8K8WoA:Olg35GTslA5t3/w8KZP

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  c67a346c6cf5802a82b3b3ef3efaa855101e5955fe29faaf1921e752b455d233
- Size
  
  70KB
- MD5
  
  7f406fc6a7e4013ea459b251fba48f90
- SHA1
  
  3bc33b0508215db65991f2ff0be1dbadcfcba83e
- SHA256
  
  c67a346c6cf5802a82b3b3ef3efaa855101e5955fe29faaf1921e752b455d233
- SHA512
  
  8dac69c8b72b91512d970e39eaa0fc89fa58fd2bae3b09f91a53d652fc46eed2d7899166fa3664c50a4b762df9ad5d5f0b67798fb36002ec60302bc7ac56187e
- SSDEEP
  
  1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8K8WoA:Olg35GTslA5t3/w8KZP
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Modifies Installed Components in the registry
  persistence
- Sets file execution options in registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan