6b6d400d843bfae09ffd9950eeb3c8551bcb25318ea2217fe320383717929af9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6b6d400d843bfae09ffd9950eeb3c8551bcb25318ea2217fe320383717929af9
Size

92KB
Sample

221019-2k2k3abeb2
MD5

91ed1d742702d031ab53381e66ed5100
SHA1

b94bfbd2723df50543cb6561ffef37ace83d955e
SHA256

6b6d400d843bfae09ffd9950eeb3c8551bcb25318ea2217fe320383717929af9
SHA512

1f876959bdf375db00fe4b53ca012fa93d975112679ffd0dcbd90ac55ade66a9a80fce68d479c8adf048ba6a684aa317a6c5c8a7ecc85b152a646e111f5d94f9
SSDEEP

1536:IDDDDPA2PFHdFY+cQ675SbEH/MqSHD42QpBiQ3FRoixE:IDDv7dRcQEoofMQZz3

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  6b6d400d843bfae09ffd9950eeb3c8551bcb25318ea2217fe320383717929af9
- Size
  
  92KB
- MD5
  
  91ed1d742702d031ab53381e66ed5100
- SHA1
  
  b94bfbd2723df50543cb6561ffef37ace83d955e
- SHA256
  
  6b6d400d843bfae09ffd9950eeb3c8551bcb25318ea2217fe320383717929af9
- SHA512
  
  1f876959bdf375db00fe4b53ca012fa93d975112679ffd0dcbd90ac55ade66a9a80fce68d479c8adf048ba6a684aa317a6c5c8a7ecc85b152a646e111f5d94f9
- SSDEEP
  
  1536:IDDDDPA2PFHdFY+cQ675SbEH/MqSHD42QpBiQ3FRoixE:IDDv7dRcQEoofMQZz3
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2