01d5726c6af32d2c5d81f4cd6da6b4905773baaa3d090811741a6f88bfcbbf92 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

01d5726c6af32d2c5d81f4cd6da6b4905773baaa3d090811741a6f88bfcbbf92
Size

63KB
Sample

221202-bhs8sscg8s
MD5

75de3f597764b355b26c18c02166acd7
SHA1

7b98ca8a1699610e130ec193d8508e29c8c98be0
SHA256

01d5726c6af32d2c5d81f4cd6da6b4905773baaa3d090811741a6f88bfcbbf92
SHA512

e1fd4d707a48935588c23cdfde2d1bb1c3c2a35e778678f986b6b5ad8cd618646262bf112cdec94093ffa07f6825d2d8100a0b7403740f68f728f49a099dee38
SSDEEP

1536:mr/n7NhljO6PC57Cq/xSV1HprdK2vFOC7NCGJoO:mznTFOYexSVBpJV/

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  01d5726c6af32d2c5d81f4cd6da6b4905773baaa3d090811741a6f88bfcbbf92
- Size
  
  63KB
- MD5
  
  75de3f597764b355b26c18c02166acd7
- SHA1
  
  7b98ca8a1699610e130ec193d8508e29c8c98be0
- SHA256
  
  01d5726c6af32d2c5d81f4cd6da6b4905773baaa3d090811741a6f88bfcbbf92
- SHA512
  
  e1fd4d707a48935588c23cdfde2d1bb1c3c2a35e778678f986b6b5ad8cd618646262bf112cdec94093ffa07f6825d2d8100a0b7403740f68f728f49a099dee38
- SSDEEP
  
  1536:mr/n7NhljO6PC57Cq/xSV1HprdK2vFOC7NCGJoO:mznTFOYexSVBpJV/
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2