7edf44694ea438f9f23a04f42f31adb7aadf2e887848a1f7e5c8b56bb04d3c7a | Triage

Sharing

General

Target

7edf44694ea438f9f23a04f42f31adb7aadf2e887848a1f7e5c8b56bb04d3c7a
Size

361KB
Sample

220919-d5gjmaaebq
MD5

420c3fddb569a10e301d69dd05f1bd63
SHA1

39b84948f28695c2313822682e580c18803e2c9e
SHA256

7edf44694ea438f9f23a04f42f31adb7aadf2e887848a1f7e5c8b56bb04d3c7a
SHA512

0526f0dadaf16bf923d1d9ae38036537ccb0b5a7d79ae4942b255b0b2e8110ef436a5a1201673f9eb1e35bd733abd29cf1fe1924959f68442524634b6689b02d
SSDEEP

6144:CMflfAsiL4lIJjiJcbI03GBc3ucY5DCSjXJ:vflfAsiVGjSGecvX

Score

10^/10

Malware Config

Targets

- Target
  
  7edf44694ea438f9f23a04f42f31adb7aadf2e887848a1f7e5c8b56bb04d3c7a
- Size
  
  361KB
- MD5
  
  420c3fddb569a10e301d69dd05f1bd63
- SHA1
  
  39b84948f28695c2313822682e580c18803e2c9e
- SHA256
  
  7edf44694ea438f9f23a04f42f31adb7aadf2e887848a1f7e5c8b56bb04d3c7a
- SHA512
  
  0526f0dadaf16bf923d1d9ae38036537ccb0b5a7d79ae4942b255b0b2e8110ef436a5a1201673f9eb1e35bd733abd29cf1fe1924959f68442524634b6689b02d
- SSDEEP
  
  6144:CMflfAsiL4lIJjiJcbI03GBc3ucY5DCSjXJ:vflfAsiVGjSGecvX
Score

10^/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2