4935dbb127d3a2bd15b45b6680e21f156d5227d60b9fa87dbc36ccce053529a6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4935dbb127d3a2bd15b45b6680e21f156d5227d60b9fa87dbc36ccce053529a6
Size

58KB
Sample

221201-3zlntsgg6y
MD5

fb0b9ce22fb5f20dda1297d67a5439cf
SHA1

9eaa4a4f427e52ad2a9716abfae1b21d31e5dc3c
SHA256

4935dbb127d3a2bd15b45b6680e21f156d5227d60b9fa87dbc36ccce053529a6
SHA512

8483f4ae2ddcf2b04e0b1334034039b54d958b9ef93499cf76b64ada8f60abb072f3d4c4e573b63579abc51f6478e859966dc1c6484586a2e396dccfb004b461
SSDEEP

1536:ui4BAVsJpVOSEYPPwYYLUis5um5D9/5IcnJ5MiL:uiU+YNh1uPWuo1J9

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  4935dbb127d3a2bd15b45b6680e21f156d5227d60b9fa87dbc36ccce053529a6
- Size
  
  58KB
- MD5
  
  fb0b9ce22fb5f20dda1297d67a5439cf
- SHA1
  
  9eaa4a4f427e52ad2a9716abfae1b21d31e5dc3c
- SHA256
  
  4935dbb127d3a2bd15b45b6680e21f156d5227d60b9fa87dbc36ccce053529a6
- SHA512
  
  8483f4ae2ddcf2b04e0b1334034039b54d958b9ef93499cf76b64ada8f60abb072f3d4c4e573b63579abc51f6478e859966dc1c6484586a2e396dccfb004b461
- SSDEEP
  
  1536:ui4BAVsJpVOSEYPPwYYLUis5um5D9/5IcnJ5MiL:uiU+YNh1uPWuo1J9
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2