b92588d07cf65c85dc221808b24bb0e2eb914ffdc94d9e97a38c0bc3aa94b7b7 | Triage

Sharing

General

Target

b92588d07cf65c85dc221808b24bb0e2eb914ffdc94d9e97a38c0bc3aa94b7b7
Size

65KB
Sample

221123-lv1hracd38
MD5

91657a2a36e66bee8b5df435f13ab13d
SHA1

e9fee3e7555d9f3f9b5a11d31156a1eb07572d13
SHA256

b92588d07cf65c85dc221808b24bb0e2eb914ffdc94d9e97a38c0bc3aa94b7b7
SHA512

165d292deb3a0fbb530eafca986fc97305c48f36966a62954784601a08e5f4286036457bd0c195cf3a46e19b4b3b21b5e24cfa0b467f4e03424cce0f3034fcaa
SSDEEP

1536:Vshg8eWZvxJ0CIJb36uzOW9J3qsHdlwcIxulEb:GhaWZvIxOuzxCsHn0ua

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  b92588d07cf65c85dc221808b24bb0e2eb914ffdc94d9e97a38c0bc3aa94b7b7
- Size
  
  65KB
- MD5
  
  91657a2a36e66bee8b5df435f13ab13d
- SHA1
  
  e9fee3e7555d9f3f9b5a11d31156a1eb07572d13
- SHA256
  
  b92588d07cf65c85dc221808b24bb0e2eb914ffdc94d9e97a38c0bc3aa94b7b7
- SHA512
  
  165d292deb3a0fbb530eafca986fc97305c48f36966a62954784601a08e5f4286036457bd0c195cf3a46e19b4b3b21b5e24cfa0b467f4e03424cce0f3034fcaa
- SSDEEP
  
  1536:Vshg8eWZvxJ0CIJb36uzOW9J3qsHdlwcIxulEb:GhaWZvIxOuzxCsHn0ua
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2