d3180ee4bf0909da1f94dce422931c204f6283afc2d82094be265532940efd00 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d3180ee4bf0909da1f94dce422931c204f6283afc2d82094be265532940efd00
Size

92KB
Sample

221002-pcn9jsfhbj
MD5

6375d11b1006ce26fe6ce58a7a6ea840
SHA1

419ccacba596f7cbc965c64cfa68e7c0806197c0
SHA256

d3180ee4bf0909da1f94dce422931c204f6283afc2d82094be265532940efd00
SHA512

885e4f81bc1a529ceeacf8fd94d6f5419fd124ac9e37cead4269242759c9d127587ee065324ba8223d14b41e08bcbf5aae62be800ecc3b298eae12a2d68b0eb2
SSDEEP

1536:lWUtr0vM9fvU+cCPFtjyGIHKVyo4VauIGuh/RrPW+L6r:IirnvcCPbjfOKwo4Va/ZRjW+L6

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  d3180ee4bf0909da1f94dce422931c204f6283afc2d82094be265532940efd00
- Size
  
  92KB
- MD5
  
  6375d11b1006ce26fe6ce58a7a6ea840
- SHA1
  
  419ccacba596f7cbc965c64cfa68e7c0806197c0
- SHA256
  
  d3180ee4bf0909da1f94dce422931c204f6283afc2d82094be265532940efd00
- SHA512
  
  885e4f81bc1a529ceeacf8fd94d6f5419fd124ac9e37cead4269242759c9d127587ee065324ba8223d14b41e08bcbf5aae62be800ecc3b298eae12a2d68b0eb2
- SSDEEP
  
  1536:lWUtr0vM9fvU+cCPFtjyGIHKVyo4VauIGuh/RrPW+L6r:IirnvcCPbjfOKwo4Va/ZRjW+L6
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2