9973d39084db4d0f5b6ff447cc7ad9fa7534bab913c68e40de1a79e04d6bcea8 | Triage

Sharing

General

Target

9973d39084db4d0f5b6ff447cc7ad9fa7534bab913c68e40de1a79e04d6bcea8
Size

361KB
Sample

221021-ccr9zsfegp
MD5

4d3e89284dc72d2daacd0a30bc4b4b90
SHA1

4205620a018a1986794ccd956a85689c9640268d
SHA256

9973d39084db4d0f5b6ff447cc7ad9fa7534bab913c68e40de1a79e04d6bcea8
SHA512

2f3b82c49645b27c0608aed8354c5aebb8d64a22f12b7c932ab82be388fec8c168fe5563767f2f28b18127f30720bba73f7638cff76c3e8f915c09b9ed5a55f4
SSDEEP

6144:wflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:wflfAsiVGjSGecvX

Score

10^/10

Malware Config

Targets

- Target
  
  9973d39084db4d0f5b6ff447cc7ad9fa7534bab913c68e40de1a79e04d6bcea8
- Size
  
  361KB
- MD5
  
  4d3e89284dc72d2daacd0a30bc4b4b90
- SHA1
  
  4205620a018a1986794ccd956a85689c9640268d
- SHA256
  
  9973d39084db4d0f5b6ff447cc7ad9fa7534bab913c68e40de1a79e04d6bcea8
- SHA512
  
  2f3b82c49645b27c0608aed8354c5aebb8d64a22f12b7c932ab82be388fec8c168fe5563767f2f28b18127f30720bba73f7638cff76c3e8f915c09b9ed5a55f4
- SSDEEP
  
  6144:wflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:wflfAsiVGjSGecvX
Score

10^/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2