4f47113160a36eafa5ada3c0fb2f7b6b57f3e18618588816082af374aa53a21e | Triage

Sharing

General

Target

VirusShare_61bfb774323674d959fd908a74dcd912
Size

72KB
Sample

240610-pdt67aad7y
MD5

61bfb774323674d959fd908a74dcd912
SHA1

1b4ba6b524574a7696d39d7fa8989956eaba9af9
SHA256

4f47113160a36eafa5ada3c0fb2f7b6b57f3e18618588816082af374aa53a21e
SHA512

1b23e935ccb4e5c631cfcbde2fc87732be076ab9022fd28f1b0cc1436299e12a5d723c87144f95446e4ea9e4d74e5e793a48808186c48a92a45464b68faa6283
SSDEEP

1536:rS83PLTL2ogogQCfy/lASxnwGQKUxO/QIjrzO:rt3b2ToFlAMI5IXz

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  VirusShare_61bfb774323674d959fd908a74dcd912
- Size
  
  72KB
- MD5
  
  61bfb774323674d959fd908a74dcd912
- SHA1
  
  1b4ba6b524574a7696d39d7fa8989956eaba9af9
- SHA256
  
  4f47113160a36eafa5ada3c0fb2f7b6b57f3e18618588816082af374aa53a21e
- SHA512
  
  1b23e935ccb4e5c631cfcbde2fc87732be076ab9022fd28f1b0cc1436299e12a5d723c87144f95446e4ea9e4d74e5e793a48808186c48a92a45464b68faa6283
- SSDEEP
  
  1536:rS83PLTL2ogogQCfy/lASxnwGQKUxO/QIjrzO:rt3b2ToFlAMI5IXz
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2