1dbf435c2c8524e844e49705f75aa45bc2f8325ce5dda66b24491cb3289cb427 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1dbf435c2c8524e844e49705f75aa45bc2f8325ce5dda66b24491cb3289cb427
Size

88KB
Sample

221201-g5b6paca76
MD5

91016c3fbd04b5115a89c3e1f5927961
SHA1

1aa0c0316f2074dbf922bf485ba285fc2f9fd99d
SHA256

1dbf435c2c8524e844e49705f75aa45bc2f8325ce5dda66b24491cb3289cb427
SHA512

3ebd9693466bb84a70d4cd931b14dab75c460298e3babb55ca6d04ab31820f2724ad76e669486be9ac8b52db035e5b1802aaf8b85ab52f7d15e74cf0dafd8026
SSDEEP

1536:s2OUbZg3efzf4et0p+e85tVkh9oBydm6UWU+EnX:s2jb8efb4l+TthBaURX

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  1dbf435c2c8524e844e49705f75aa45bc2f8325ce5dda66b24491cb3289cb427
- Size
  
  88KB
- MD5
  
  91016c3fbd04b5115a89c3e1f5927961
- SHA1
  
  1aa0c0316f2074dbf922bf485ba285fc2f9fd99d
- SHA256
  
  1dbf435c2c8524e844e49705f75aa45bc2f8325ce5dda66b24491cb3289cb427
- SHA512
  
  3ebd9693466bb84a70d4cd931b14dab75c460298e3babb55ca6d04ab31820f2724ad76e669486be9ac8b52db035e5b1802aaf8b85ab52f7d15e74cf0dafd8026
- SSDEEP
  
  1536:s2OUbZg3efzf4et0p+e85tVkh9oBydm6UWU+EnX:s2jb8efb4l+TthBaURX
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2