9bb473ab3f27f7f17dea16be8bd5d5e3810f40a3b490d25dd91645bd545a9925 | Triage

Sharing

General

Target

9bb473ab3f27f7f17dea16be8bd5d5e3810f40a3b490d25dd91645bd545a9925
Size

361KB
Sample

221011-rmpn6shfhn
MD5

20d9f4fb1bf5fb7e7affce91ade4bba0
SHA1

273d7ed7c528289e49ac0e6a8f76af355b8b08fe
SHA256

9bb473ab3f27f7f17dea16be8bd5d5e3810f40a3b490d25dd91645bd545a9925
SHA512

a9d27d6b3e8d5e8b992c9d16cba5cbf472f68ee013ee14f269fa1fbb5b1c0f57997aa8d4b43e0df4355ae54b7f2ab2150f3e6d5886cf0efbd2ed609e56534439
SSDEEP

6144:kflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:kflfAsiVGjSGecvX

Score

10^/10

Malware Config

Targets

- Target
  
  9bb473ab3f27f7f17dea16be8bd5d5e3810f40a3b490d25dd91645bd545a9925
- Size
  
  361KB
- MD5
  
  20d9f4fb1bf5fb7e7affce91ade4bba0
- SHA1
  
  273d7ed7c528289e49ac0e6a8f76af355b8b08fe
- SHA256
  
  9bb473ab3f27f7f17dea16be8bd5d5e3810f40a3b490d25dd91645bd545a9925
- SHA512
  
  a9d27d6b3e8d5e8b992c9d16cba5cbf472f68ee013ee14f269fa1fbb5b1c0f57997aa8d4b43e0df4355ae54b7f2ab2150f3e6d5886cf0efbd2ed609e56534439
- SSDEEP
  
  6144:kflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:kflfAsiVGjSGecvX
Score

10^/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2