84b03498b44011a228964b30525c98974cce12e341d6e117435509bb09932941 | Triage

Sharing

General

Target

84b03498b44011a228964b30525c98974cce12e341d6e117435509bb09932941
Size

82KB
Sample

221129-hdh1laea75
MD5

3eb83ff6d2f4701608cd4cba20b6cf12
SHA1

abeea66ed71b70ecca31aab4b2f0d1b1182aad50
SHA256

84b03498b44011a228964b30525c98974cce12e341d6e117435509bb09932941
SHA512

912fcc1dc41cd551ae3c6b5607b1fd229383fae56bf703211c6cf67dad409c4a99a6a519b166139ad2d432a0b755edc81c44b0b3a6822da27b503229035cc500
SSDEEP

768:ADTTTTB999TDDrVTrGGZFIxRZTWQiSBTMHUWSiR6YuoOr1JSbIjuI4V+mVlXDXX5:9GZFMi2K6YufiDtV7VtXT7ALaDB

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  84b03498b44011a228964b30525c98974cce12e341d6e117435509bb09932941
- Size
  
  82KB
- MD5
  
  3eb83ff6d2f4701608cd4cba20b6cf12
- SHA1
  
  abeea66ed71b70ecca31aab4b2f0d1b1182aad50
- SHA256
  
  84b03498b44011a228964b30525c98974cce12e341d6e117435509bb09932941
- SHA512
  
  912fcc1dc41cd551ae3c6b5607b1fd229383fae56bf703211c6cf67dad409c4a99a6a519b166139ad2d432a0b755edc81c44b0b3a6822da27b503229035cc500
- SSDEEP
  
  768:ADTTTTB999TDDrVTrGGZFIxRZTWQiSBTMHUWSiR6YuoOr1JSbIjuI4V+mVlXDXX5:9GZFMi2K6YufiDtV7VtXT7ALaDB
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2