51e923d1f56a34c668e2f1d5e6e6d2751a3fa9b6f772dfa44f71c9a4f4ad47bd | Triage

Sharing

General

Target

51e923d1f56a34c668e2f1d5e6e6d2751a3fa9b6f772dfa44f71c9a4f4ad47bd
Size

104KB
Sample

221201-e58tjshf4t
MD5

9b39c62a3880483c6b6c3a43c9ce79ce
SHA1

9e6e344f9390022e9cac676fb61aeec20f7fc0ea
SHA256

51e923d1f56a34c668e2f1d5e6e6d2751a3fa9b6f772dfa44f71c9a4f4ad47bd
SHA512

07dd26509102b07c3ab40270dc72b56ee9c2f1ea4db105059b633feb1187aaca3e9246b086f76edad48d6d8d5827b7162cb1f924685d7846b93154dd7451c6de
SSDEEP

1536:8jz9uWp5TyYTxdNTuSgxmVoFwLSoAi1lwteyHKCqHfdDKRHTHRHTYRHT:8jz9lHNXgxmVoFJ0lwKflmdTdEd

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  51e923d1f56a34c668e2f1d5e6e6d2751a3fa9b6f772dfa44f71c9a4f4ad47bd
- Size
  
  104KB
- MD5
  
  9b39c62a3880483c6b6c3a43c9ce79ce
- SHA1
  
  9e6e344f9390022e9cac676fb61aeec20f7fc0ea
- SHA256
  
  51e923d1f56a34c668e2f1d5e6e6d2751a3fa9b6f772dfa44f71c9a4f4ad47bd
- SHA512
  
  07dd26509102b07c3ab40270dc72b56ee9c2f1ea4db105059b633feb1187aaca3e9246b086f76edad48d6d8d5827b7162cb1f924685d7846b93154dd7451c6de
- SSDEEP
  
  1536:8jz9uWp5TyYTxdNTuSgxmVoFwLSoAi1lwteyHKCqHfdDKRHTHRHTYRHT:8jz9lHNXgxmVoFJ0lwKflmdTdEd
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2