171cc142254d33eb74dc5f1f79135bdbadbbd733eca49ea14a4e35d252b2395e | Triage

Sharing

General

Target

171cc142254d33eb74dc5f1f79135bdbadbbd733eca49ea14a4e35d252b2395e
Size

74KB
Sample

221019-3gnepsdbbl
MD5

a25193cd8120e38482f933a2f96696c0
SHA1

8ff0af03c7053570a896a20ce9c050b5961a4715
SHA256

171cc142254d33eb74dc5f1f79135bdbadbbd733eca49ea14a4e35d252b2395e
SHA512

5178dbedd7c4ef856546353db01a1bd68e0a35208022cc56da1cb5ba0457f2e59ffae5eb95a0fff3790c6f503652f9359a7f5ebf0e62187c31aaeb060b94e80c
SSDEEP

1536:TvlipU8eVqxHLqxgokWMSuBg70nwzKaG4Cgoc0zBp3:DlG7DZutxMmG4Cggl

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  171cc142254d33eb74dc5f1f79135bdbadbbd733eca49ea14a4e35d252b2395e
- Size
  
  74KB
- MD5
  
  a25193cd8120e38482f933a2f96696c0
- SHA1
  
  8ff0af03c7053570a896a20ce9c050b5961a4715
- SHA256
  
  171cc142254d33eb74dc5f1f79135bdbadbbd733eca49ea14a4e35d252b2395e
- SHA512
  
  5178dbedd7c4ef856546353db01a1bd68e0a35208022cc56da1cb5ba0457f2e59ffae5eb95a0fff3790c6f503652f9359a7f5ebf0e62187c31aaeb060b94e80c
- SSDEEP
  
  1536:TvlipU8eVqxHLqxgokWMSuBg70nwzKaG4Cgoc0zBp3:DlG7DZutxMmG4Cggl
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2