68cd1ae97e993782058e315d17c69afadc0f8274644ac1d6d0ddea90a564ef5a | Triage

Sharing

General

Target

VirusShare_23c5028c0a673ab94996fb5c71f69665
Size

65KB
Sample

240610-n9p2nsag45
MD5

23c5028c0a673ab94996fb5c71f69665
SHA1

dc176d306264dd63e11a8b5bc0c64e1fad4d807c
SHA256

68cd1ae97e993782058e315d17c69afadc0f8274644ac1d6d0ddea90a564ef5a
SHA512

64a550c0b8e041bd1151f6222854ee58ba6f615e4a4a40f424f2c600bc355b04111cadb000757bc9c05e4882e9f31214e814db76373d009eb50289f5bc5d5e95
SSDEEP

768:O5ZVdUHkWbOhML47V0CkTjZrZARhXTrNO5q1tG6J2vOpkfNNlcL/SLQpsI5jPe/9:O5z+Bbi260Ckkzjp7wC23fE/iM5jP

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  VirusShare_23c5028c0a673ab94996fb5c71f69665
- Size
  
  65KB
- MD5
  
  23c5028c0a673ab94996fb5c71f69665
- SHA1
  
  dc176d306264dd63e11a8b5bc0c64e1fad4d807c
- SHA256
  
  68cd1ae97e993782058e315d17c69afadc0f8274644ac1d6d0ddea90a564ef5a
- SHA512
  
  64a550c0b8e041bd1151f6222854ee58ba6f615e4a4a40f424f2c600bc355b04111cadb000757bc9c05e4882e9f31214e814db76373d009eb50289f5bc5d5e95
- SSDEEP
  
  768:O5ZVdUHkWbOhML47V0CkTjZrZARhXTrNO5q1tG6J2vOpkfNNlcL/SLQpsI5jPe/9:O5z+Bbi260Ckkzjp7wC23fE/iM5jP
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2