83f177b7f245e91a14b25e7ebdd551c3db016538667409c1a3987dba91906085 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

83f177b7f245e91a14b25e7ebdd551c3db016538667409c1a3987dba91906085
Size

96KB
Sample

221201-1y3vlseh92
MD5

984eacc08e0dde07b56b7d5cb986ed77
SHA1

4f59fec6c55630fc8e80548a9b96ae912aaabaed
SHA256

83f177b7f245e91a14b25e7ebdd551c3db016538667409c1a3987dba91906085
SHA512

64b7db9645aae194d07cbfdf2a065d00f5a0a6298e6adc56325eb71d86aaf6367dc03120ab0badf544033ae75c768cfbbbbaae0b204423918b6acb84c928a866
SSDEEP

1536:5FCKOporQUwJ5LaXOZAUJW7V3mRMTsTlngrQmBv:PCKOporQWX17tzv

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  83f177b7f245e91a14b25e7ebdd551c3db016538667409c1a3987dba91906085
- Size
  
  96KB
- MD5
  
  984eacc08e0dde07b56b7d5cb986ed77
- SHA1
  
  4f59fec6c55630fc8e80548a9b96ae912aaabaed
- SHA256
  
  83f177b7f245e91a14b25e7ebdd551c3db016538667409c1a3987dba91906085
- SHA512
  
  64b7db9645aae194d07cbfdf2a065d00f5a0a6298e6adc56325eb71d86aaf6367dc03120ab0badf544033ae75c768cfbbbbaae0b204423918b6acb84c928a866
- SSDEEP
  
  1536:5FCKOporQUwJ5LaXOZAUJW7V3mRMTsTlngrQmBv:PCKOporQWX17tzv
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2