f8532a022e6a89c3048161f8df3a524238ea1024c4af292bb8717b4b5b4edab9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f8532a022e6a89c3048161f8df3a524238ea1024c4af292bb8717b4b5b4edab9
Size

66KB
Sample

221001-1wkk9aaegl
MD5

60bbe51c2d2710d0f368dff8236aea67
SHA1

215af671205c47511a455f97bafa003fa8cbc607
SHA256

f8532a022e6a89c3048161f8df3a524238ea1024c4af292bb8717b4b5b4edab9
SHA512

62aac09e9e45ed6654b5b9e90fdbc8bdab67a12a6478490789e6a8b1b76efe0613476ae0b8333ea979f5d11be9fb300909d6afb309e3dae6bc4a420530865459
SSDEEP

1536:r4PtV12u+mFdRoeQPAzi1cuSgb0su2YywEH:r4PP1ZqeQCOvb02Bw

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  f8532a022e6a89c3048161f8df3a524238ea1024c4af292bb8717b4b5b4edab9
- Size
  
  66KB
- MD5
  
  60bbe51c2d2710d0f368dff8236aea67
- SHA1
  
  215af671205c47511a455f97bafa003fa8cbc607
- SHA256
  
  f8532a022e6a89c3048161f8df3a524238ea1024c4af292bb8717b4b5b4edab9
- SHA512
  
  62aac09e9e45ed6654b5b9e90fdbc8bdab67a12a6478490789e6a8b1b76efe0613476ae0b8333ea979f5d11be9fb300909d6afb309e3dae6bc4a420530865459
- SSDEEP
  
  1536:r4PtV12u+mFdRoeQPAzi1cuSgb0su2YywEH:r4PP1ZqeQCOvb02Bw
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2