82d24e629fea0efc606dc2c7ec133f5df661f86b5105a3cb8ecca8b525e038e7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

82d24e629fea0efc606dc2c7ec133f5df661f86b5105a3cb8ecca8b525e038e7
Size

75KB
Sample

221206-la2kbage7w
MD5

992ae7dd9ab820aa9468b50a9d907789
SHA1

27fc99d018eea5349daa0f069bd5b5701a3f1339
SHA256

82d24e629fea0efc606dc2c7ec133f5df661f86b5105a3cb8ecca8b525e038e7
SHA512

710532090893220957da778e69f1fcf26567bc29f0318f2c9e42d2b93d5366060254101e8311119bc284b0bf3b22266ab0420f86f161c0aa7761061b95b95807
SSDEEP

1536:H7Ta9ccHro+mc95xO0KcmtCG+XHyl/ZDDDDDDDDD:H3IlHro+l9C0KUIDDDDDDDDD

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  82d24e629fea0efc606dc2c7ec133f5df661f86b5105a3cb8ecca8b525e038e7
- Size
  
  75KB
- MD5
  
  992ae7dd9ab820aa9468b50a9d907789
- SHA1
  
  27fc99d018eea5349daa0f069bd5b5701a3f1339
- SHA256
  
  82d24e629fea0efc606dc2c7ec133f5df661f86b5105a3cb8ecca8b525e038e7
- SHA512
  
  710532090893220957da778e69f1fcf26567bc29f0318f2c9e42d2b93d5366060254101e8311119bc284b0bf3b22266ab0420f86f161c0aa7761061b95b95807
- SSDEEP
  
  1536:H7Ta9ccHro+mc95xO0KcmtCG+XHyl/ZDDDDDDDDD:H3IlHro+l9C0KUIDDDDDDDDD
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2