07c61789a07f0d9e098116646f45c5a14947f786d9dd95dfbab32a1abea95e5a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07c61789a07f0d9e098116646f45c5a14947f786d9dd95dfbab32a1abea95e5a
Size

58KB
Sample

221201-g1eq1sfb3z
MD5

5366872751112db41a558399c3ed68a0
SHA1

e55fa05cb0c5004890f2b6567977c10b79a24fa1
SHA256

07c61789a07f0d9e098116646f45c5a14947f786d9dd95dfbab32a1abea95e5a
SHA512

94c0717d54c909362f385540c1c824dc70f35142710c183e53710a61197220bbeb4faa774e9d539fd6b5722f8e0135fc6b87d697812a8636f04cb3f199cd2a83
SSDEEP

1536:n5ufs8rgvDGhBs5V9svh5X15cXQdplMYgFBqZ3TT6:n538C5Y5XEXQdplMFU3T

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  07c61789a07f0d9e098116646f45c5a14947f786d9dd95dfbab32a1abea95e5a
- Size
  
  58KB
- MD5
  
  5366872751112db41a558399c3ed68a0
- SHA1
  
  e55fa05cb0c5004890f2b6567977c10b79a24fa1
- SHA256
  
  07c61789a07f0d9e098116646f45c5a14947f786d9dd95dfbab32a1abea95e5a
- SHA512
  
  94c0717d54c909362f385540c1c824dc70f35142710c183e53710a61197220bbeb4faa774e9d539fd6b5722f8e0135fc6b87d697812a8636f04cb3f199cd2a83
- SSDEEP
  
  1536:n5ufs8rgvDGhBs5V9svh5X15cXQdplMYgFBqZ3TT6:n538C5Y5XEXQdplMFU3T
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2