d7dba69ec1f65001881bb96ddeab443f93b1964cf864f4276e93e5cd0cb0f85d | Triage

Sharing

General

Target

d7dba69ec1f65001881bb96ddeab443f93b1964cf864f4276e93e5cd0cb0f85d
Size

88KB
Sample

221203-pgkf6adb6w
MD5

3fd8471614c0e18e2f6178c7fc1c4c30
SHA1

d3659e455c70990d1ccba1f807458b2270dd4101
SHA256

d7dba69ec1f65001881bb96ddeab443f93b1964cf864f4276e93e5cd0cb0f85d
SHA512

5492466e3ab8106d933ac37485d15e9cfed8c6d902d9e73ebd9e1bc285d2cad5a0474d972d7c3ac3d88fffdad4a7ecb7daefa38f7dc2045d701c6b597fd0ca4c
SSDEEP

1536:s2OUbZg3eGrf4et0p+e85tVkh9oBydm6UWU+EnX:s2jb8eGj4l+TthBaURX

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  d7dba69ec1f65001881bb96ddeab443f93b1964cf864f4276e93e5cd0cb0f85d
- Size
  
  88KB
- MD5
  
  3fd8471614c0e18e2f6178c7fc1c4c30
- SHA1
  
  d3659e455c70990d1ccba1f807458b2270dd4101
- SHA256
  
  d7dba69ec1f65001881bb96ddeab443f93b1964cf864f4276e93e5cd0cb0f85d
- SHA512
  
  5492466e3ab8106d933ac37485d15e9cfed8c6d902d9e73ebd9e1bc285d2cad5a0474d972d7c3ac3d88fffdad4a7ecb7daefa38f7dc2045d701c6b597fd0ca4c
- SSDEEP
  
  1536:s2OUbZg3eGrf4et0p+e85tVkh9oBydm6UWU+EnX:s2jb8eGj4l+TthBaURX
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2