0ace1841939b63f43f033ab096b61846f373b359d9c927096752d88c437bcbb6 | Triage

Sharing

General

Target

0ace1841939b63f43f033ab096b61846f373b359d9c927096752d88c437bcbb6
Size

58KB
Sample

221202-bc6a6scd3t
MD5

15b406601992e80b9f5a22448a7df1f2
SHA1

5213baac74fd04cdd846efb1656cd70a423d130d
SHA256

0ace1841939b63f43f033ab096b61846f373b359d9c927096752d88c437bcbb6
SHA512

10ad5e8047a459569d0ac3baeb3db414a6459a0222b65e4bbb39c45eba01fa59679f5d2fc785eafd53a35f5d01f7261d8bbd4f5ecd019b1401ad69d260279b85
SSDEEP

1536:p3kwY3zkrGpVKMZKpJFyO6tXp3EoIDQ4KSk:p32JK0SFb6tXW7CS

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  0ace1841939b63f43f033ab096b61846f373b359d9c927096752d88c437bcbb6
- Size
  
  58KB
- MD5
  
  15b406601992e80b9f5a22448a7df1f2
- SHA1
  
  5213baac74fd04cdd846efb1656cd70a423d130d
- SHA256
  
  0ace1841939b63f43f033ab096b61846f373b359d9c927096752d88c437bcbb6
- SHA512
  
  10ad5e8047a459569d0ac3baeb3db414a6459a0222b65e4bbb39c45eba01fa59679f5d2fc785eafd53a35f5d01f7261d8bbd4f5ecd019b1401ad69d260279b85
- SSDEEP
  
  1536:p3kwY3zkrGpVKMZKpJFyO6tXp3EoIDQ4KSk:p32JK0SFb6tXW7CS
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2