82d9632762822a574d0a629516851390672cdc8a37cfcb4b9b2ab3ebacdeb1cb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

82d9632762822a574d0a629516851390672cdc8a37cfcb4b9b2ab3ebacdeb1cb
Size

88KB
Sample

221003-rjkk2saed3
MD5

62887c7b466f996aea128a53c9033000
SHA1

2ea08d535c71b92c2eff5f6f3e411d7317c817d0
SHA256

82d9632762822a574d0a629516851390672cdc8a37cfcb4b9b2ab3ebacdeb1cb
SHA512

ad76b7f239f315224d81061ba0465fdf79347e677264b11d55c0f8b19ed22081e82866bb32a6ce517c3193b2e0af7021f4ca6f9650fe095205b69d218d294805
SSDEEP

1536:HKWAq+ulxSx0vNhaCY5+cZI75SbEH/MqSHD42QpBiQ3+RoixE:qWADQaCpcZCoofMQZz3

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  82d9632762822a574d0a629516851390672cdc8a37cfcb4b9b2ab3ebacdeb1cb
- Size
  
  88KB
- MD5
  
  62887c7b466f996aea128a53c9033000
- SHA1
  
  2ea08d535c71b92c2eff5f6f3e411d7317c817d0
- SHA256
  
  82d9632762822a574d0a629516851390672cdc8a37cfcb4b9b2ab3ebacdeb1cb
- SHA512
  
  ad76b7f239f315224d81061ba0465fdf79347e677264b11d55c0f8b19ed22081e82866bb32a6ce517c3193b2e0af7021f4ca6f9650fe095205b69d218d294805
- SSDEEP
  
  1536:HKWAq+ulxSx0vNhaCY5+cZI75SbEH/MqSHD42QpBiQ3+RoixE:qWADQaCpcZCoofMQZz3
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2