f4d283a12670bef6616dddb2ee28a5aa15b824f2b28a35879163a83d1f5ae23d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9c67c134b9650d78e4dba596d677bfe0N.exe
Size

67KB
Sample

240723-ln231ayhkf
MD5

9c67c134b9650d78e4dba596d677bfe0
SHA1

e0fde90501231bb2ed004d15380ecf63d442cb93
SHA256

f4d283a12670bef6616dddb2ee28a5aa15b824f2b28a35879163a83d1f5ae23d
SHA512

30b11f492d9ab5176822ce90a839c91e18cadd2cdf9b6e4374b6b3af23552a6e1b15742f66e7aa0d0be2883e34ba9d534648a0a1b4ee00d2984efd091aa5263e
SSDEEP

1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1+awA:ulg35GTslA5t3GawA

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  9c67c134b9650d78e4dba596d677bfe0N.exe
- Size
  
  67KB
- MD5
  
  9c67c134b9650d78e4dba596d677bfe0
- SHA1
  
  e0fde90501231bb2ed004d15380ecf63d442cb93
- SHA256
  
  f4d283a12670bef6616dddb2ee28a5aa15b824f2b28a35879163a83d1f5ae23d
- SHA512
  
  30b11f492d9ab5176822ce90a839c91e18cadd2cdf9b6e4374b6b3af23552a6e1b15742f66e7aa0d0be2883e34ba9d534648a0a1b4ee00d2984efd091aa5263e
- SSDEEP
  
  1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1+awA:ulg35GTslA5t3GawA
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Event Triggered Execution: Image File Execution Options Injection
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Winlogon Helper DLL

Event Triggered Execution

Image File Execution Options Injection

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Winlogon Helper DLL

Event Triggered Execution

Image File Execution Options Injection

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan