96a8382ebaa12ad3b75b6b8287e4bdb6934bf1a61e0f9677a0e4af1b12a615bc | Triage

Sharing

General

Target

96a8382ebaa12ad3b75b6b8287e4bdb6934bf1a61e0f9677a0e4af1b12a615bc
Size

153KB
Sample

221002-p1zeesfee9
MD5

4791dd74d174a031a04bee4082214050
SHA1

a4665a6b29a55a0aae44c03442cd0da7e3cab94a
SHA256

96a8382ebaa12ad3b75b6b8287e4bdb6934bf1a61e0f9677a0e4af1b12a615bc
SHA512

f819dbfef6934f21422ad8691b441be986f7a7562e8f36ebf1aa6a5f6b52052c816c06f4500f423274d2dcadd18325edbd4ff9e68bc4372cb73bf036c22dbc85
SSDEEP

1536:tbrN971DGKy9h9g9RAAEzw1zFcUabSZl9u5b/2IH9WEF2GH4hY:tb1DGKyrmA4cUabsl9+2IdWwZYhY

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  96a8382ebaa12ad3b75b6b8287e4bdb6934bf1a61e0f9677a0e4af1b12a615bc
- Size
  
  153KB
- MD5
  
  4791dd74d174a031a04bee4082214050
- SHA1
  
  a4665a6b29a55a0aae44c03442cd0da7e3cab94a
- SHA256
  
  96a8382ebaa12ad3b75b6b8287e4bdb6934bf1a61e0f9677a0e4af1b12a615bc
- SHA512
  
  f819dbfef6934f21422ad8691b441be986f7a7562e8f36ebf1aa6a5f6b52052c816c06f4500f423274d2dcadd18325edbd4ff9e68bc4372cb73bf036c22dbc85
- SSDEEP
  
  1536:tbrN971DGKy9h9g9RAAEzw1zFcUabSZl9u5b/2IH9WEF2GH4hY:tb1DGKyrmA4cUabsl9+2IdWwZYhY
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2