6d131c347e95abc7aedf92773ee5b94593279c62bf02528365544a663bf0826c | Triage

Sharing

General

Target

6d131c347e95abc7aedf92773ee5b94593279c62bf02528365544a663bf0826c
Size

361KB
Sample

220919-d44yjaaean
MD5

437309d104ca341348f98d56425358fc
SHA1

41494a4c7d122570ea1d14f1ba9605b0242134f5
SHA256

6d131c347e95abc7aedf92773ee5b94593279c62bf02528365544a663bf0826c
SHA512

8e140990002713aacdb5a5c42e2cf39c911f0660b75ec9a7da6ebc3e29a1dd56018d3dc3c2150e4e8ecf176a33caafb603b830cad57a7da7b482d405f5416973
SSDEEP

6144:WflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:WflfAsiVGjSGecvX

Score

10^/10

Malware Config

Targets

- Target
  
  6d131c347e95abc7aedf92773ee5b94593279c62bf02528365544a663bf0826c
- Size
  
  361KB
- MD5
  
  437309d104ca341348f98d56425358fc
- SHA1
  
  41494a4c7d122570ea1d14f1ba9605b0242134f5
- SHA256
  
  6d131c347e95abc7aedf92773ee5b94593279c62bf02528365544a663bf0826c
- SHA512
  
  8e140990002713aacdb5a5c42e2cf39c911f0660b75ec9a7da6ebc3e29a1dd56018d3dc3c2150e4e8ecf176a33caafb603b830cad57a7da7b482d405f5416973
- SSDEEP
  
  6144:WflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:WflfAsiVGjSGecvX
Score

10^/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2