55ef9bc9fda81afdad6bf5ded04b6a7d274b6e5736b22790181bda11efd97d72 | Triage

Sharing

General

Target

55ef9bc9fda81afdad6bf5ded04b6a7d274b6e5736b22790181bda11efd97d72
Size

58KB
Sample

221201-fr4hcafh74
MD5

c9dbf1127bb3c03c14a9ceeed5ca4c60
SHA1

ee99b73f9707332d10ff5480b2d31a4726078483
SHA256

55ef9bc9fda81afdad6bf5ded04b6a7d274b6e5736b22790181bda11efd97d72
SHA512

95da533375293a555b3dc7355f4c3083f52dc25c3beba0bca42311247a49914f8885f2f99571df3d6999c440310752ac0ce8114dc5457166fdb30d6471ee7d7a
SSDEEP

1536:1pUgt49tzE+HjxX/Af93aZUHxRdiZ7oAqKC29au:1pUgt49tAkxX4V3hxTiZMlW9a

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  55ef9bc9fda81afdad6bf5ded04b6a7d274b6e5736b22790181bda11efd97d72
- Size
  
  58KB
- MD5
  
  c9dbf1127bb3c03c14a9ceeed5ca4c60
- SHA1
  
  ee99b73f9707332d10ff5480b2d31a4726078483
- SHA256
  
  55ef9bc9fda81afdad6bf5ded04b6a7d274b6e5736b22790181bda11efd97d72
- SHA512
  
  95da533375293a555b3dc7355f4c3083f52dc25c3beba0bca42311247a49914f8885f2f99571df3d6999c440310752ac0ce8114dc5457166fdb30d6471ee7d7a
- SSDEEP
  
  1536:1pUgt49tzE+HjxX/Af93aZUHxRdiZ7oAqKC29au:1pUgt49tAkxX4V3hxTiZMlW9a
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2