9d455466e0e1ea3c1592f2faf99a2693b975e9e0de2ce925a27cffd869da0be6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9d455466e0e1ea3c1592f2faf99a2693b975e9e0de2ce925a27cffd869da0be6
Size

79KB
Sample

221201-atwmmahb59
MD5

00a2a04b9cd370af50c76fb96cf723c0
SHA1

fa36d607f65ed09e5cd1ad5fa0539431278824a9
SHA256

9d455466e0e1ea3c1592f2faf99a2693b975e9e0de2ce925a27cffd869da0be6
SHA512

f715cb8732581b086bd980ad79cbd0c068291c1414925de6a42389008f6fd694456aacbeb42f916e978b2e4abbc129905bb92caf0b7f16dccdec13fcd8e5cabc
SSDEEP

768:PmAYW93G7rhChef/0aoO2JkyrnVZhur1dJ0qUDWKb/24FFNK3BghG1eZZ:eAYW9vgX0aoHJkyXmJp4FoBH1e

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  9d455466e0e1ea3c1592f2faf99a2693b975e9e0de2ce925a27cffd869da0be6
- Size
  
  79KB
- MD5
  
  00a2a04b9cd370af50c76fb96cf723c0
- SHA1
  
  fa36d607f65ed09e5cd1ad5fa0539431278824a9
- SHA256
  
  9d455466e0e1ea3c1592f2faf99a2693b975e9e0de2ce925a27cffd869da0be6
- SHA512
  
  f715cb8732581b086bd980ad79cbd0c068291c1414925de6a42389008f6fd694456aacbeb42f916e978b2e4abbc129905bb92caf0b7f16dccdec13fcd8e5cabc
- SSDEEP
  
  768:PmAYW93G7rhChef/0aoO2JkyrnVZhur1dJ0qUDWKb/24FFNK3BghG1eZZ:eAYW9vgX0aoHJkyXmJp4FoBH1e
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2