6890f53dba9a378fe537683528c4a5dd7ceff0a1bafcec9f906b7b9727b76c2b | Triage

Sharing

General

Target

6890f53dba9a378fe537683528c4a5dd7ceff0a1bafcec9f906b7b9727b76c2b
Size

104KB
Sample

221129-j65kqsbf35
MD5

be58b3dcfce681a3f975bf35e3fe59a2
SHA1

8fef86c83f0acf68299df5ab5db12c88db121494
SHA256

6890f53dba9a378fe537683528c4a5dd7ceff0a1bafcec9f906b7b9727b76c2b
SHA512

9027d5f05fc5130b0a2d2c2b741fb1fe262bca040fb65b054e8de5462c80780de20b386a593e8cf4949d173d56ab77b9c847377cddaa33a123de6d3a0691adab
SSDEEP

1536:3O3r0j/g542+TYK3AoPyxmVoXTKJej1eItbTo/fmnO1454k4sfst:3O3r0rjB5PyxmVobjhJWhsfG

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  6890f53dba9a378fe537683528c4a5dd7ceff0a1bafcec9f906b7b9727b76c2b
- Size
  
  104KB
- MD5
  
  be58b3dcfce681a3f975bf35e3fe59a2
- SHA1
  
  8fef86c83f0acf68299df5ab5db12c88db121494
- SHA256
  
  6890f53dba9a378fe537683528c4a5dd7ceff0a1bafcec9f906b7b9727b76c2b
- SHA512
  
  9027d5f05fc5130b0a2d2c2b741fb1fe262bca040fb65b054e8de5462c80780de20b386a593e8cf4949d173d56ab77b9c847377cddaa33a123de6d3a0691adab
- SSDEEP
  
  1536:3O3r0j/g542+TYK3AoPyxmVoXTKJej1eItbTo/fmnO1454k4sfst:3O3r0rjB5PyxmVobjhJWhsfG
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2