76a59ba7ea2ece65f2fc9a69b4b386f3a3a78b2a74a17642837a19b61a3a4f3d | Triage

Sharing

General

Target

VirusShare_78f8f86179488bc063d21b243fc5d73c
Size

84KB
Sample

240610-ph4w7avblc
MD5

78f8f86179488bc063d21b243fc5d73c
SHA1

32b556629477fbdf83a119bf103eeb9811eeaea6
SHA256

76a59ba7ea2ece65f2fc9a69b4b386f3a3a78b2a74a17642837a19b61a3a4f3d
SHA512

32f3d7a465991a9c59dcfa1299ceaad6cb60c80674a2c1c8e783a94f44417b570b74eddfb700e1f16fc3e942c581c89e4921c9aa5b5b63b2536d126f781d6cd5
SSDEEP

768:gagCidRhOkc1freE+bnJsFz0pxKTe85FHRHkcqSUoFpPmqdiYZcYLjy+:gagVR6f4et0p+e85tVkh9oh5c6

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  VirusShare_78f8f86179488bc063d21b243fc5d73c
- Size
  
  84KB
- MD5
  
  78f8f86179488bc063d21b243fc5d73c
- SHA1
  
  32b556629477fbdf83a119bf103eeb9811eeaea6
- SHA256
  
  76a59ba7ea2ece65f2fc9a69b4b386f3a3a78b2a74a17642837a19b61a3a4f3d
- SHA512
  
  32f3d7a465991a9c59dcfa1299ceaad6cb60c80674a2c1c8e783a94f44417b570b74eddfb700e1f16fc3e942c581c89e4921c9aa5b5b63b2536d126f781d6cd5
- SSDEEP
  
  768:gagCidRhOkc1freE+bnJsFz0pxKTe85FHRHkcqSUoFpPmqdiYZcYLjy+:gagVR6f4et0p+e85tVkh9oh5c6
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2