154875dd285cbcd33ef3ed7910d2baceb11f119dd2b32e54c81bbfa7270f17df | Triage

Resubmissions

19/07/2024, 14:15

240719-rkv36syejc 3

19/07/2024, 14:14

240719-rkhg3svfpp 10

Sharing

General

Target

Trojan.exe
Size

436KB
Sample

240719-rkhg3svfpp
MD5

3f69b5cf8a01c9839289d345f8a24ad3
SHA1

19c097f5644e8defd173f85e1dae9d811cb01cef
SHA256

154875dd285cbcd33ef3ed7910d2baceb11f119dd2b32e54c81bbfa7270f17df
SHA512

b4d8ae174f787ca3b06a2ddf0ff52f76db7d363239d629edd017ced62e1937b333bb4445982552c597c265f2dd0fbe70e350f3dbc44b0032e7a4690ddc9d11a8
SSDEEP

12288:7MSU4joci8M6PW1GVFeFd60DFUyhetYM:ASUCpM2W1Gvgmyetv

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  Trojan.exe
- Size
  
  436KB
- MD5
  
  3f69b5cf8a01c9839289d345f8a24ad3
- SHA1
  
  19c097f5644e8defd173f85e1dae9d811cb01cef
- SHA256
  
  154875dd285cbcd33ef3ed7910d2baceb11f119dd2b32e54c81bbfa7270f17df
- SHA512
  
  b4d8ae174f787ca3b06a2ddf0ff52f76db7d363239d629edd017ced62e1937b333bb4445982552c597c265f2dd0fbe70e350f3dbc44b0032e7a4690ddc9d11a8
- SSDEEP
  
  12288:7MSU4joci8M6PW1GVFeFd60DFUyhetYM:ASUCpM2W1Gvgmyetv
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1