de68cba88360e509822f109a10eaca180c770129db7b24586dc5715e1a01050e | Triage

Sharing

General

Target

de68cba88360e509822f109a10eaca180c770129db7b24586dc5715e1a01050e
Size

71KB
Sample

240523-efbshsdb47
MD5

b750518f02ff7bb39d9b1387aba5b24f
SHA1

dd42a463e6e75c91520517f0e5de8e58f6e8d6cd
SHA256

de68cba88360e509822f109a10eaca180c770129db7b24586dc5715e1a01050e
SHA512

c18b6e33a6cd76e1051583607d88ba1926e022c18147b7fcd4b953ca6dcaabb356dac03ba53b0144c9a53de5b6a36984098d8383c6122a4ae9bbbbc20d25984b
SSDEEP

1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8slCX:Olg35GTslA5t3/w83

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  de68cba88360e509822f109a10eaca180c770129db7b24586dc5715e1a01050e
- Size
  
  71KB
- MD5
  
  b750518f02ff7bb39d9b1387aba5b24f
- SHA1
  
  dd42a463e6e75c91520517f0e5de8e58f6e8d6cd
- SHA256
  
  de68cba88360e509822f109a10eaca180c770129db7b24586dc5715e1a01050e
- SHA512
  
  c18b6e33a6cd76e1051583607d88ba1926e022c18147b7fcd4b953ca6dcaabb356dac03ba53b0144c9a53de5b6a36984098d8383c6122a4ae9bbbbc20d25984b
- SSDEEP
  
  1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8slCX:Olg35GTslA5t3/w83
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Modifies Installed Components in the registry
  persistence
- Sets file execution options in registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan