dd5e0bdf00d42f08ee523ea63931599197e6fe95bb5ddbcaff6991c0eb8fb744 | Triage

Sharing

General

Target

662cc9247464ebf9fd0bb2d8b3e3e339
Size

1.3MB
Sample

240118-172nxabcc8
MD5

662cc9247464ebf9fd0bb2d8b3e3e339
SHA1

587c1c05b877fa247b58ee6758b81b34f188f1ed
SHA256

dd5e0bdf00d42f08ee523ea63931599197e6fe95bb5ddbcaff6991c0eb8fb744
SHA512

cabc89dc2a020757d07b2e19e7d7c775e13412d99569e3263dc98219c1bfa025c3e81aededbba7a6c7fd451668172e0ce07a66055e9376fd80bf96f937c958a1
SSDEEP

24576:FuiLFSlMCcG88M3bI468vgmnnCQqOkovZPQEp1lvtmE4v:FNLFVCpxM3lb6WzQk14v

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  662cc9247464ebf9fd0bb2d8b3e3e339
- Size
  
  1.3MB
- MD5
  
  662cc9247464ebf9fd0bb2d8b3e3e339
- SHA1
  
  587c1c05b877fa247b58ee6758b81b34f188f1ed
- SHA256
  
  dd5e0bdf00d42f08ee523ea63931599197e6fe95bb5ddbcaff6991c0eb8fb744
- SHA512
  
  cabc89dc2a020757d07b2e19e7d7c775e13412d99569e3263dc98219c1bfa025c3e81aededbba7a6c7fd451668172e0ce07a66055e9376fd80bf96f937c958a1
- SSDEEP
  
  24576:FuiLFSlMCcG88M3bI468vgmnnCQqOkovZPQEp1lvtmE4v:FNLFVCpxM3lb6WzQk14v
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2