3ad3736e8bf5c3fa217c70009e98cceda31867b5f066404f1b9ebdad3f2b90b4 | Triage

Sharing

General

Target

3ad3736e8bf5c3fa217c70009e98cceda31867b5f066404f1b9ebdad3f2b90b4
Size

111KB
Sample

221123-rw6n2scf7v
MD5

c15509b2a787b6a98b5eacd81785231a
SHA1

4df282c42fdab00638a541eae876766505a095a3
SHA256

3ad3736e8bf5c3fa217c70009e98cceda31867b5f066404f1b9ebdad3f2b90b4
SHA512

09619d3936f9bb4d52556845fd3095b96f81b7aff56c3783d1d2661b44bcf887ae6309da0ae4db0d224d391590840e6fbe45b8b454c618952eab6320c421da1c
SSDEEP

1536:Et8dawYeLO9j6xMLYhqbj8VJCySIkUohWl9jl9jU:EtIkeLOl6Wnj2JCyhkUohylllU

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  3ad3736e8bf5c3fa217c70009e98cceda31867b5f066404f1b9ebdad3f2b90b4
- Size
  
  111KB
- MD5
  
  c15509b2a787b6a98b5eacd81785231a
- SHA1
  
  4df282c42fdab00638a541eae876766505a095a3
- SHA256
  
  3ad3736e8bf5c3fa217c70009e98cceda31867b5f066404f1b9ebdad3f2b90b4
- SHA512
  
  09619d3936f9bb4d52556845fd3095b96f81b7aff56c3783d1d2661b44bcf887ae6309da0ae4db0d224d391590840e6fbe45b8b454c618952eab6320c421da1c
- SSDEEP
  
  1536:Et8dawYeLO9j6xMLYhqbj8VJCySIkUohWl9jl9jU:EtIkeLOl6Wnj2JCyhkUohylllU
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2