75e14b42d057b7c5430289cb87b08c49f0eab3077b554d5fc35fc341e745d1d5 | Triage

Sharing

General

Target

VirusShare_1a57f2ba3dcb7fc2881309af555449a0
Size

104KB
Sample

240610-n5h3kaae78
MD5

1a57f2ba3dcb7fc2881309af555449a0
SHA1

d083783c9a7d1c252e12517e6fd8faeb6b851554
SHA256

75e14b42d057b7c5430289cb87b08c49f0eab3077b554d5fc35fc341e745d1d5
SHA512

fad09351a9e22a0f5bd90718e6404eb22f3719be4b4f00a8a2935cb209627b36de880b1b6cbf78d0e2007f8b57c8ed9c2ae8dee253bc8a08410e2d00f587bb48
SSDEEP

1536:egAI5PzJMdRycp37jmHXvEzGPvMvugoLx/3T9XTW4Na4IGuh/dxPH+gnaia:NA4YMcp3ovd5DLtZDW4NaBZdZH+gnza

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  VirusShare_1a57f2ba3dcb7fc2881309af555449a0
- Size
  
  104KB
- MD5
  
  1a57f2ba3dcb7fc2881309af555449a0
- SHA1
  
  d083783c9a7d1c252e12517e6fd8faeb6b851554
- SHA256
  
  75e14b42d057b7c5430289cb87b08c49f0eab3077b554d5fc35fc341e745d1d5
- SHA512
  
  fad09351a9e22a0f5bd90718e6404eb22f3719be4b4f00a8a2935cb209627b36de880b1b6cbf78d0e2007f8b57c8ed9c2ae8dee253bc8a08410e2d00f587bb48
- SSDEEP
  
  1536:egAI5PzJMdRycp37jmHXvEzGPvMvugoLx/3T9XTW4Na4IGuh/dxPH+gnaia:NA4YMcp3ovd5DLtZDW4NaBZdZH+gnza
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2