7d45ce95974a4862c0a7bb6e5b0b1744452d627c6ca75f5ea77c2e8e46c82d84 | Triage

Sharing

General

Target

7d45ce95974a4862c0a7bb6e5b0b1744452d627c6ca75f5ea77c2e8e46c82d84
Size

58KB
Sample

221123-q64f1aah2t
MD5

c937085ab627d4a88dc87cd4e9a7c916
SHA1

4f29316905c894b1042d3826a3a65acce931d0ba
SHA256

7d45ce95974a4862c0a7bb6e5b0b1744452d627c6ca75f5ea77c2e8e46c82d84
SHA512

60f06ddc21a3478911480fc6df0e6116200ef0133b19419c1f7efce45d566f21c21a1a429154528954f13fed7fb8466d32bd9547a66f4c7bb2a27cd82b4cd827
SSDEEP

768:C9id8zWWIJ5xJn98+DqljcqvNBe0s5IAnXxujpjIOjF7jXHx:C9PqWIJl98+DqlFNI0whXxujRIUF

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  7d45ce95974a4862c0a7bb6e5b0b1744452d627c6ca75f5ea77c2e8e46c82d84
- Size
  
  58KB
- MD5
  
  c937085ab627d4a88dc87cd4e9a7c916
- SHA1
  
  4f29316905c894b1042d3826a3a65acce931d0ba
- SHA256
  
  7d45ce95974a4862c0a7bb6e5b0b1744452d627c6ca75f5ea77c2e8e46c82d84
- SHA512
  
  60f06ddc21a3478911480fc6df0e6116200ef0133b19419c1f7efce45d566f21c21a1a429154528954f13fed7fb8466d32bd9547a66f4c7bb2a27cd82b4cd827
- SSDEEP
  
  768:C9id8zWWIJ5xJn98+DqljcqvNBe0s5IAnXxujpjIOjF7jXHx:C9PqWIJl98+DqlFNI0whXxujRIUF
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2