46ee488ac1d0eaf47623e20d0626fbe92e553c2bf9734518008b7118097915bb | Triage

Sharing

General

Target

46ee488ac1d0eaf47623e20d0626fbe92e553c2bf9734518008b7118097915bb
Size

64KB
Sample

221127-jk9ybsaf42
MD5

cb712da87321c64ddf4e730ed8d4bace
SHA1

7c6389ed730de1ccca8978df50ba00c9ddda1794
SHA256

46ee488ac1d0eaf47623e20d0626fbe92e553c2bf9734518008b7118097915bb
SHA512

b03ef01a177da946335d6645b26b96989f23d51501a4631f5e4f3464e605e1661a48982645d2290705a59c2b6c5e94e55aac176646d9ad08b4c8c24d5c8e0290
SSDEEP

768:tLnUkaNo+/bpAyZhsGStX/foyvKLnnzINQ/rxgpB+LUnTAMSrowjBGkD92TwXk:tPpyZPSxYuKINexuJwrxBG62TAk

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  46ee488ac1d0eaf47623e20d0626fbe92e553c2bf9734518008b7118097915bb
- Size
  
  64KB
- MD5
  
  cb712da87321c64ddf4e730ed8d4bace
- SHA1
  
  7c6389ed730de1ccca8978df50ba00c9ddda1794
- SHA256
  
  46ee488ac1d0eaf47623e20d0626fbe92e553c2bf9734518008b7118097915bb
- SHA512
  
  b03ef01a177da946335d6645b26b96989f23d51501a4631f5e4f3464e605e1661a48982645d2290705a59c2b6c5e94e55aac176646d9ad08b4c8c24d5c8e0290
- SSDEEP
  
  768:tLnUkaNo+/bpAyZhsGStX/foyvKLnnzINQ/rxgpB+LUnTAMSrowjBGkD92TwXk:tPpyZPSxYuKINexuJwrxBG62TAk
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2