2ace50a919b3ac2f740f6137f0d178282c8efabe4be73d7e9f7538c775aaf55b | Triage

Sharing

General

Target

2ace50a919b3ac2f740f6137f0d178282c8efabe4be73d7e9f7538c775aaf55b
Size

57KB
Sample

221125-d1w4hsha76
MD5

b050829d2b12d2364c31266ad9c95503
SHA1

cd2d0db56561fa9ea33267e639d151da5af0a23a
SHA256

2ace50a919b3ac2f740f6137f0d178282c8efabe4be73d7e9f7538c775aaf55b
SHA512

3e6d536cc2ebed1953e7d1f0f5d3f7b5feb61b80a66360ef635764a74c291513628060d69147eb8558c4a6b92482be8703008da23f8cfb5b56e990fb362e0105
SSDEEP

768:CbM5O8y0sI+coEpsFcf6kMWuwiP4N83KbG/tMHxFy/trtfIw5w51Ev7qXHx:CbZZ9pVEpsFS6kM7P4N88RWlZ57

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  2ace50a919b3ac2f740f6137f0d178282c8efabe4be73d7e9f7538c775aaf55b
- Size
  
  57KB
- MD5
  
  b050829d2b12d2364c31266ad9c95503
- SHA1
  
  cd2d0db56561fa9ea33267e639d151da5af0a23a
- SHA256
  
  2ace50a919b3ac2f740f6137f0d178282c8efabe4be73d7e9f7538c775aaf55b
- SHA512
  
  3e6d536cc2ebed1953e7d1f0f5d3f7b5feb61b80a66360ef635764a74c291513628060d69147eb8558c4a6b92482be8703008da23f8cfb5b56e990fb362e0105
- SSDEEP
  
  768:CbM5O8y0sI+coEpsFcf6kMWuwiP4N83KbG/tMHxFy/trtfIw5w51Ev7qXHx:CbZZ9pVEpsFS6kM7P4N88RWlZ57
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2