90b1526d675c417640d1a5313aee6957d1a2a2f3ddb7a7bbc276330007bfdb56 | Triage

Sharing

General

Target

90b1526d675c417640d1a5313aee6957d1a2a2f3ddb7a7bbc276330007bfdb56
Size

82KB
Sample

221129-f6sz6aaa39
MD5

58c27bd99bdbf14ddfbe9ede173e01ad
SHA1

6146e72db55f105a8fc0bba9cac1c17f9613419d
SHA256

90b1526d675c417640d1a5313aee6957d1a2a2f3ddb7a7bbc276330007bfdb56
SHA512

26ba9fecb3e4791a964087a7823c1bb0ff6c9c5797b91b1d295419bcb7645695f6aa86c9c7636ccbbf57e1ec1d70e5482ecbc414ffa18ebdd43463b8803dfcf2
SSDEEP

768:DL2EInkeC3sb/swTaYQ3knkMdNk77x0QSJ0oTHSPcO/QXa1gLa1r:eEuke33a10nkMd67y9HSPcoKRLap

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  90b1526d675c417640d1a5313aee6957d1a2a2f3ddb7a7bbc276330007bfdb56
- Size
  
  82KB
- MD5
  
  58c27bd99bdbf14ddfbe9ede173e01ad
- SHA1
  
  6146e72db55f105a8fc0bba9cac1c17f9613419d
- SHA256
  
  90b1526d675c417640d1a5313aee6957d1a2a2f3ddb7a7bbc276330007bfdb56
- SHA512
  
  26ba9fecb3e4791a964087a7823c1bb0ff6c9c5797b91b1d295419bcb7645695f6aa86c9c7636ccbbf57e1ec1d70e5482ecbc414ffa18ebdd43463b8803dfcf2
- SSDEEP
  
  768:DL2EInkeC3sb/swTaYQ3knkMdNk77x0QSJ0oTHSPcO/QXa1gLa1r:eEuke33a10nkMd67y9HSPcoKRLap
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2