cf6c599808dfca55ab0ae70a8ba0ac0d9614b3dc9a5879faac2ca30e1187ce2d | Triage

Sharing

General

Target

cf6c599808dfca55ab0ae70a8ba0ac0d9614b3dc9a5879faac2ca30e1187ce2d
Size

70KB
Sample

221106-m35m4sgeg8
MD5

122d75524965f66e70b5e6617f687898
SHA1

9c669a72ea82be6d39a9b50b73b2152800e7279a
SHA256

cf6c599808dfca55ab0ae70a8ba0ac0d9614b3dc9a5879faac2ca30e1187ce2d
SHA512

30d9445de387d203c900b284066188bec828e2bce3467a9e9e1a8dcd9fdb01a7ec58717272a0b6624881e2f6a6faf13500e4af155f5a8d2a6a550835556851c4
SSDEEP

1536:BGRuvNyF+zGdA31gOB66Yvx+w+jh+w+8Whsh/bo3TM:sRcyF9k1B662Koet

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  cf6c599808dfca55ab0ae70a8ba0ac0d9614b3dc9a5879faac2ca30e1187ce2d
- Size
  
  70KB
- MD5
  
  122d75524965f66e70b5e6617f687898
- SHA1
  
  9c669a72ea82be6d39a9b50b73b2152800e7279a
- SHA256
  
  cf6c599808dfca55ab0ae70a8ba0ac0d9614b3dc9a5879faac2ca30e1187ce2d
- SHA512
  
  30d9445de387d203c900b284066188bec828e2bce3467a9e9e1a8dcd9fdb01a7ec58717272a0b6624881e2f6a6faf13500e4af155f5a8d2a6a550835556851c4
- SSDEEP
  
  1536:BGRuvNyF+zGdA31gOB66Yvx+w+jh+w+8Whsh/bo3TM:sRcyF9k1B662Koet
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2