f6601e7ecd27cecf945ad59f5a8988804a85ca59cf0c6969ca276d4f55b075bf | Triage

Sharing

General

Target

f6601e7ecd27cecf945ad59f5a8988804a85ca59cf0c6969ca276d4f55b075bf
Size

75KB
Sample

221204-jnxr6sab48
MD5

4418c358b3a8821e80de40f465be8b90
SHA1

c87a06e9fdf99f2a1527c1d3eacc51f756980847
SHA256

f6601e7ecd27cecf945ad59f5a8988804a85ca59cf0c6969ca276d4f55b075bf
SHA512

65d2a52b9a37b5dff54b368e7041bc262438a168b65fc70b22f10a8d3e8503502724b0731e14a5f168ecf10569590f94cc2da621c28f2b8d2c6da4609682db39
SSDEEP

1536:q5e1DU8MjRLeHFjgJ3+wJ53tKxHmitG8nfmmaK7z/z5XDKoxvyru:q5e1DU8M9gFjgJ3lb3sHmitlOodOpq

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  f6601e7ecd27cecf945ad59f5a8988804a85ca59cf0c6969ca276d4f55b075bf
- Size
  
  75KB
- MD5
  
  4418c358b3a8821e80de40f465be8b90
- SHA1
  
  c87a06e9fdf99f2a1527c1d3eacc51f756980847
- SHA256
  
  f6601e7ecd27cecf945ad59f5a8988804a85ca59cf0c6969ca276d4f55b075bf
- SHA512
  
  65d2a52b9a37b5dff54b368e7041bc262438a168b65fc70b22f10a8d3e8503502724b0731e14a5f168ecf10569590f94cc2da621c28f2b8d2c6da4609682db39
- SSDEEP
  
  1536:q5e1DU8MjRLeHFjgJ3+wJ53tKxHmitG8nfmmaK7z/z5XDKoxvyru:q5e1DU8M9gFjgJ3lb3sHmitlOodOpq
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2