b005b9d4482debe85b9267b9712be8f85cac4b7239cec22c0338a76a939b8b6f | Triage

Sharing

General

Target

VirusShare_38cc70621750c4169089d4caa6ca7330
Size

104KB
Sample

240610-n9w5zsab91
MD5

38cc70621750c4169089d4caa6ca7330
SHA1

0b5e81a7c9f656fa7967585fba756968a3ea49b8
SHA256

b005b9d4482debe85b9267b9712be8f85cac4b7239cec22c0338a76a939b8b6f
SHA512

b249ac9f4ec76f4d502cdbe6b47f12782fe1eeb4d5d31300d765d144a16e31c3d960b13a5ac71cfe895dee50afaea3f46acfb2d031eafd94db65c9e0a1774c3c
SSDEEP

1536:qXiwshheUeactU+cWMvmdPQsjVxoAHX+qhxB6UTeT1QzKwa+7KzBvcy6R:xwP1d/cW7jVmE+qx6USJQudvc1

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  VirusShare_38cc70621750c4169089d4caa6ca7330
- Size
  
  104KB
- MD5
  
  38cc70621750c4169089d4caa6ca7330
- SHA1
  
  0b5e81a7c9f656fa7967585fba756968a3ea49b8
- SHA256
  
  b005b9d4482debe85b9267b9712be8f85cac4b7239cec22c0338a76a939b8b6f
- SHA512
  
  b249ac9f4ec76f4d502cdbe6b47f12782fe1eeb4d5d31300d765d144a16e31c3d960b13a5ac71cfe895dee50afaea3f46acfb2d031eafd94db65c9e0a1774c3c
- SSDEEP
  
  1536:qXiwshheUeactU+cWMvmdPQsjVxoAHX+qhxB6UTeT1QzKwa+7KzBvcy6R:xwP1d/cW7jVmE+qx6USJQudvc1
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2