eaff902c1b9323e60973bded4bd4e729743492d9a3997e7bd1e01c5c1eeeff12 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8f65f44ff95707a9022787640c17a90e
Size

160KB
Sample

231222-p29lsaddf3
MD5

8f65f44ff95707a9022787640c17a90e
SHA1

e06f3134e196e31c788931d2d060f911ed248c41
SHA256

eaff902c1b9323e60973bded4bd4e729743492d9a3997e7bd1e01c5c1eeeff12
SHA512

62e0c4de31db9bca280f2f9ab05002757d4c10eee6a6ddb0157219994509575b919437ef52c360ec17e36d3f66f340a72898d153355078f44c20a218246f2d3f
SSDEEP

1536:XrbSrrF21pyVlqIZBTbV0+SmtaAEUydLOqMdhvGm+lQyk6p7bp7:Xrb4r4U9vV0XmkUydsd0lQQp3p

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  8f65f44ff95707a9022787640c17a90e
- Size
  
  160KB
- MD5
  
  8f65f44ff95707a9022787640c17a90e
- SHA1
  
  e06f3134e196e31c788931d2d060f911ed248c41
- SHA256
  
  eaff902c1b9323e60973bded4bd4e729743492d9a3997e7bd1e01c5c1eeeff12
- SHA512
  
  62e0c4de31db9bca280f2f9ab05002757d4c10eee6a6ddb0157219994509575b919437ef52c360ec17e36d3f66f340a72898d153355078f44c20a218246f2d3f
- SSDEEP
  
  1536:XrbSrrF21pyVlqIZBTbV0+SmtaAEUydLOqMdhvGm+lQyk6p7bp7:Xrb4r4U9vV0XmkUydsd0lQQp3p
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2