ce32fcafc3649dc382e90913dd4d835403752732195fdfdd8a53eec77d420450 | Triage

Sharing

General

Target

ce32fcafc3649dc382e90913dd4d835403752732195fdfdd8a53eec77d420450
Size

92KB
Sample

221019-1jbskshgcr
MD5

a2045e71d4325e64899880b20a93c1a0
SHA1

7d09b43f09891c786e190c44091a9006ad1e8259
SHA256

ce32fcafc3649dc382e90913dd4d835403752732195fdfdd8a53eec77d420450
SHA512

f52bb9940eccafc19eee7914202047655e9bd64ada212fbcc332f44200a37e5e465ca3ea99eb78278e4b63ee12f7afe786f708b213ef8687768f6af9f5bba7b6
SSDEEP

1536:BDDDDPA2PFHdFY+cY0ZJSFmH/57oIHD42Qpfu2Rwx:BDDv7dRcYMYMf5QxnR

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  ce32fcafc3649dc382e90913dd4d835403752732195fdfdd8a53eec77d420450
- Size
  
  92KB
- MD5
  
  a2045e71d4325e64899880b20a93c1a0
- SHA1
  
  7d09b43f09891c786e190c44091a9006ad1e8259
- SHA256
  
  ce32fcafc3649dc382e90913dd4d835403752732195fdfdd8a53eec77d420450
- SHA512
  
  f52bb9940eccafc19eee7914202047655e9bd64ada212fbcc332f44200a37e5e465ca3ea99eb78278e4b63ee12f7afe786f708b213ef8687768f6af9f5bba7b6
- SSDEEP
  
  1536:BDDDDPA2PFHdFY+cY0ZJSFmH/57oIHD42Qpfu2Rwx:BDDv7dRcYMYMf5QxnR
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2