88325f3d694f40eeb81eae5b0ed4b107b6228bab70cbdc2f9674e61a09a66563 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_11b5b821acfe784f05c809fc5013abc0
Size

104KB
Sample

240610-pnngdsvdmc
MD5

11b5b821acfe784f05c809fc5013abc0
SHA1

908a3cfb96b21d04b38fd99502e67de48de0b9c5
SHA256

88325f3d694f40eeb81eae5b0ed4b107b6228bab70cbdc2f9674e61a09a66563
SHA512

b1a331d31be4e00d6285f4f14400dcb4ee92c6724eab9052756d79329f6ad435156b9aaa1ffb677f799ac3f9ab6346edf0bb1ccbc08a90bd210337019b00fd62
SSDEEP

3072:NDjabtcLayLXD6riZEW4NaBZdZa+gnza:Nyb40NaBZ/r

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  VirusShare_11b5b821acfe784f05c809fc5013abc0
- Size
  
  104KB
- MD5
  
  11b5b821acfe784f05c809fc5013abc0
- SHA1
  
  908a3cfb96b21d04b38fd99502e67de48de0b9c5
- SHA256
  
  88325f3d694f40eeb81eae5b0ed4b107b6228bab70cbdc2f9674e61a09a66563
- SHA512
  
  b1a331d31be4e00d6285f4f14400dcb4ee92c6724eab9052756d79329f6ad435156b9aaa1ffb677f799ac3f9ab6346edf0bb1ccbc08a90bd210337019b00fd62
- SSDEEP
  
  3072:NDjabtcLayLXD6riZEW4NaBZdZa+gnza:Nyb40NaBZ/r
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2