16e23a73c5c7bc6672903c54c5bf75046082338ff8aed03668dee3beefe46175 | Triage

Sharing

General

Target

16e23a73c5c7bc6672903c54c5bf75046082338ff8aed03668dee3beefe46175
Size

115KB
Sample

221123-lttzksff9z
MD5

d14ba65338b03255b0caf3b40b6bd76b
SHA1

16a261aa344eb9a23ce1090cc024f3f769de7c55
SHA256

16e23a73c5c7bc6672903c54c5bf75046082338ff8aed03668dee3beefe46175
SHA512

872882b6905b2c716faf0e34ae6da0425f9a48bc7a899e62bcf4d66930a13103bf77eba951ee8f930946b60868062f121d81f5d5c10aef484b8f80d8a49b2f87
SSDEEP

1536:eAB6uwU1FiJWT3GmA8oidfSz5TVgdjOb2RADCGAi8AijAi:eAQ/UTyGS8oeYvgdjWrlP8PjP

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  16e23a73c5c7bc6672903c54c5bf75046082338ff8aed03668dee3beefe46175
- Size
  
  115KB
- MD5
  
  d14ba65338b03255b0caf3b40b6bd76b
- SHA1
  
  16a261aa344eb9a23ce1090cc024f3f769de7c55
- SHA256
  
  16e23a73c5c7bc6672903c54c5bf75046082338ff8aed03668dee3beefe46175
- SHA512
  
  872882b6905b2c716faf0e34ae6da0425f9a48bc7a899e62bcf4d66930a13103bf77eba951ee8f930946b60868062f121d81f5d5c10aef484b8f80d8a49b2f87
- SSDEEP
  
  1536:eAB6uwU1FiJWT3GmA8oidfSz5TVgdjOb2RADCGAi8AijAi:eAQ/UTyGS8oeYvgdjWrlP8PjP
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2