9c982452d0c27774dbd391f57601563150dc44bd66f8b32fa247c8647414363a | Triage

Sharing

General

Target

9c982452d0c27774dbd391f57601563150dc44bd66f8b32fa247c8647414363a
Size

57KB
Sample

221011-enyx1sdfh7
MD5

4b8dfbc2342d9e7659c04b7785267040
SHA1

2eae4441178745e1e0c564f564c51a66b538df20
SHA256

9c982452d0c27774dbd391f57601563150dc44bd66f8b32fa247c8647414363a
SHA512

35026526ac650df0af4af1eaaf10985d581c5e4e0affe76cdcb842696883307899c185a7d72cbce649724454e2284ba3a652289f37d605df8faefd37e3118867
SSDEEP

768:RaI/C5TmILIMTAZD4/WNDrJzEhN1EicI0izTR06wlf7C6MRC98CaUPD4WIzpR:RaAGvPq7fzEhIizTRE2zRCq8b4

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  9c982452d0c27774dbd391f57601563150dc44bd66f8b32fa247c8647414363a
- Size
  
  57KB
- MD5
  
  4b8dfbc2342d9e7659c04b7785267040
- SHA1
  
  2eae4441178745e1e0c564f564c51a66b538df20
- SHA256
  
  9c982452d0c27774dbd391f57601563150dc44bd66f8b32fa247c8647414363a
- SHA512
  
  35026526ac650df0af4af1eaaf10985d581c5e4e0affe76cdcb842696883307899c185a7d72cbce649724454e2284ba3a652289f37d605df8faefd37e3118867
- SSDEEP
  
  768:RaI/C5TmILIMTAZD4/WNDrJzEhN1EicI0izTR06wlf7C6MRC98CaUPD4WIzpR:RaAGvPq7fzEhIizTRE2zRCq8b4
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2