48a0e0c2bde59989199473827062f26d358d13beedf36d41d37b4a33bd610f01 | Triage

Sharing

General

Target

48a0e0c2bde59989199473827062f26d358d13beedf36d41d37b4a33bd610f01
Size

361KB
Sample

220919-d5aq3seeb4
MD5

41b1922df67f74f82d19510fe42d76af
SHA1

3c9653d4007fb1d215432c53677bded272ddc863
SHA256

48a0e0c2bde59989199473827062f26d358d13beedf36d41d37b4a33bd610f01
SHA512

3ec00f1a031817847da223895f49589631468aa3117e4bb7479b0a4753fefd493f4097fc22b621507aa7fdfc6774467169494d78c60fdee1f8e8fd94cdafd0ae
SSDEEP

6144:TflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:TflfAsiVGjSGecvX

Score

10^/10

Malware Config

Targets

- Target
  
  48a0e0c2bde59989199473827062f26d358d13beedf36d41d37b4a33bd610f01
- Size
  
  361KB
- MD5
  
  41b1922df67f74f82d19510fe42d76af
- SHA1
  
  3c9653d4007fb1d215432c53677bded272ddc863
- SHA256
  
  48a0e0c2bde59989199473827062f26d358d13beedf36d41d37b4a33bd610f01
- SHA512
  
  3ec00f1a031817847da223895f49589631468aa3117e4bb7479b0a4753fefd493f4097fc22b621507aa7fdfc6774467169494d78c60fdee1f8e8fd94cdafd0ae
- SSDEEP
  
  6144:TflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:TflfAsiVGjSGecvX
Score

10^/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2