fde52d24f9f09d8a108d8b272d541e46e6115c3f45281ad2bffb111dc1968db5 | Triage

Sharing

General

Target

fde52d24f9f09d8a108d8b272d541e46e6115c3f45281ad2bffb111dc1968db5
Size

71KB
Sample

240523-fv56caeh36
MD5

2824f967b88ded17b034fa4c4c1dc078
SHA1

c93f4acbda2ac3e67fa767b90889afad73dd9fec
SHA256

fde52d24f9f09d8a108d8b272d541e46e6115c3f45281ad2bffb111dc1968db5
SHA512

6ceea5a63dbfabe531de9ed3bfe0f61228b70aecf49fc56f90f33d41d6ebe8a502a171def98f03932f43e033ec31c9b85b2e5f20a7c81462ea22b5e58300b7f5
SSDEEP

1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8sl7L:Olg35GTslA5t3/w8kL

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  fde52d24f9f09d8a108d8b272d541e46e6115c3f45281ad2bffb111dc1968db5
- Size
  
  71KB
- MD5
  
  2824f967b88ded17b034fa4c4c1dc078
- SHA1
  
  c93f4acbda2ac3e67fa767b90889afad73dd9fec
- SHA256
  
  fde52d24f9f09d8a108d8b272d541e46e6115c3f45281ad2bffb111dc1968db5
- SHA512
  
  6ceea5a63dbfabe531de9ed3bfe0f61228b70aecf49fc56f90f33d41d6ebe8a502a171def98f03932f43e033ec31c9b85b2e5f20a7c81462ea22b5e58300b7f5
- SSDEEP
  
  1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8sl7L:Olg35GTslA5t3/w8kL
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Modifies Installed Components in the registry
  persistence
- Sets file execution options in registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan