779321e4ebfec1a97a36607cbe9a8b0c3bf5ca71ee27a107482408073bd9addd | Triage

Sharing

General

Target

779321e4ebfec1a97a36607cbe9a8b0c3bf5ca71ee27a107482408073bd9addd
Size

98KB
Sample

221129-jcx9kahb58
MD5

4a1e23f92714a0a3b49d57483108a2c0
SHA1

d89e49d30cf60cd4c70a1f508df55b74fe044ded
SHA256

779321e4ebfec1a97a36607cbe9a8b0c3bf5ca71ee27a107482408073bd9addd
SHA512

23190b5a5ef75a2be104d8ade8edb001ce16558264dade0d12c865d8efdbc306d29b59d00869297480fa79126c96d6e3b7e4728c74fde7c3ada1fef43549469d
SSDEEP

1536:NRE+mYnqTva2Un6JQmbDv3cE8iYJoO2/UoCFOOAT+HVhQQ:5mYCa2YgccYthbONT+3

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  779321e4ebfec1a97a36607cbe9a8b0c3bf5ca71ee27a107482408073bd9addd
- Size
  
  98KB
- MD5
  
  4a1e23f92714a0a3b49d57483108a2c0
- SHA1
  
  d89e49d30cf60cd4c70a1f508df55b74fe044ded
- SHA256
  
  779321e4ebfec1a97a36607cbe9a8b0c3bf5ca71ee27a107482408073bd9addd
- SHA512
  
  23190b5a5ef75a2be104d8ade8edb001ce16558264dade0d12c865d8efdbc306d29b59d00869297480fa79126c96d6e3b7e4728c74fde7c3ada1fef43549469d
- SSDEEP
  
  1536:NRE+mYnqTva2Un6JQmbDv3cE8iYJoO2/UoCFOOAT+HVhQQ:5mYCa2YgccYthbONT+3
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2