343d0a257966b8e0d983b6861e667323e89cd3b43c6f2ea5480308130ad10b0a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_5d716effb7126caba1c14f637f849f50
Size

116KB
Sample

240610-ptqtpsvfrc
MD5

5d716effb7126caba1c14f637f849f50
SHA1

610182695ea86e33b029fa4b400cd5b2e03516e5
SHA256

343d0a257966b8e0d983b6861e667323e89cd3b43c6f2ea5480308130ad10b0a
SHA512

2183c132a822cd03707a7093e1611c1dc0ecf0d9ee49d284fc55e2ddd2704d207b9c5ea0528fc58589f4cef01d9c389e610fca3a314e7a0005d9052844b4ae0d
SSDEEP

1536:NEaM2ehd3bqByq3lS0rayo9rgo9duT9qWo4VauIGuh/RrPD+Znaia:P83kRg0raywD9wZjo4Va/ZRjD+Znza

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  VirusShare_5d716effb7126caba1c14f637f849f50
- Size
  
  116KB
- MD5
  
  5d716effb7126caba1c14f637f849f50
- SHA1
  
  610182695ea86e33b029fa4b400cd5b2e03516e5
- SHA256
  
  343d0a257966b8e0d983b6861e667323e89cd3b43c6f2ea5480308130ad10b0a
- SHA512
  
  2183c132a822cd03707a7093e1611c1dc0ecf0d9ee49d284fc55e2ddd2704d207b9c5ea0528fc58589f4cef01d9c389e610fca3a314e7a0005d9052844b4ae0d
- SSDEEP
  
  1536:NEaM2ehd3bqByq3lS0rayo9rgo9duT9qWo4VauIGuh/RrPD+Znaia:P83kRg0raywD9wZjo4Va/ZRjD+Znza
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2