9da8d23ffc6789f01927660b9374ab91fcee59aa67eb4004fdcb3da07a85ca65 | Triage

Sharing

General

Target

9da8d23ffc6789f01927660b9374ab91fcee59aa67eb4004fdcb3da07a85ca65
Size

88KB
Sample

221019-11wjbaaeg9
MD5

91fc305c65c2aaab50c5977443d20860
SHA1

286bfa5fc614c662b526828537ab4666fa909baf
SHA256

9da8d23ffc6789f01927660b9374ab91fcee59aa67eb4004fdcb3da07a85ca65
SHA512

ff08754e01aaa4c2c5a478b0a5ce5082accabc765284d8a1029daf02753ab885611c40159ea93de595be25428d74bf6660c17ab023c046f28d00818fc4c867fa
SSDEEP

1536:4bNceAT5ncoGf+c956Oftuw+zA7SyoLq5vWggF/pgFDo:4hAhtc95rftuLE7Sqwn/iFD

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  9da8d23ffc6789f01927660b9374ab91fcee59aa67eb4004fdcb3da07a85ca65
- Size
  
  88KB
- MD5
  
  91fc305c65c2aaab50c5977443d20860
- SHA1
  
  286bfa5fc614c662b526828537ab4666fa909baf
- SHA256
  
  9da8d23ffc6789f01927660b9374ab91fcee59aa67eb4004fdcb3da07a85ca65
- SHA512
  
  ff08754e01aaa4c2c5a478b0a5ce5082accabc765284d8a1029daf02753ab885611c40159ea93de595be25428d74bf6660c17ab023c046f28d00818fc4c867fa
- SSDEEP
  
  1536:4bNceAT5ncoGf+c956Oftuw+zA7SyoLq5vWggF/pgFDo:4hAhtc95rftuLE7Sqwn/iFD
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2