adbded7924f7e680bb41bf5d9ea3c0283285a3a99933d6133f4904484e9f39f7 | Triage

Sharing

General

Target

adbded7924f7e680bb41bf5d9ea3c0283285a3a99933d6133f4904484e9f39f7
Size

73KB
Sample

221205-k341gahh3y
MD5

8bf2877a8ba3c1c686bfb34b097c8f9b
SHA1

9a4a5590bd28b9837c67705a183f95ce27f279a1
SHA256

adbded7924f7e680bb41bf5d9ea3c0283285a3a99933d6133f4904484e9f39f7
SHA512

cc13ac4b07d187aed39f094466a16df15298cb5d6a7026065a9538bf03065f6192ed175a5f8943bca5b6b9f65faf7b12fcceac7b884bc1a52c0c5f186f2e5d42
SSDEEP

1536:xY7VTQeACwPxnqqUsruE0YM7Q4dVeb+3HP4vA:CLCnq6/0YM7PVeEHP8

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  adbded7924f7e680bb41bf5d9ea3c0283285a3a99933d6133f4904484e9f39f7
- Size
  
  73KB
- MD5
  
  8bf2877a8ba3c1c686bfb34b097c8f9b
- SHA1
  
  9a4a5590bd28b9837c67705a183f95ce27f279a1
- SHA256
  
  adbded7924f7e680bb41bf5d9ea3c0283285a3a99933d6133f4904484e9f39f7
- SHA512
  
  cc13ac4b07d187aed39f094466a16df15298cb5d6a7026065a9538bf03065f6192ed175a5f8943bca5b6b9f65faf7b12fcceac7b884bc1a52c0c5f186f2e5d42
- SSDEEP
  
  1536:xY7VTQeACwPxnqqUsruE0YM7Q4dVeb+3HP4vA:CLCnq6/0YM7PVeEHP8
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2