d6b40904d2d07a8bed76920e5bd77beb993944655ddfd9b2f370eed3c4c9beff | Triage

Sharing

General

Target

d6b40904d2d07a8bed76920e5bd77beb993944655ddfd9b2f370eed3c4c9beff
Size

361KB
Sample

221121-ry4mgadg73
MD5

0a833f395e5ea4d8009636030b54c6b0
SHA1

1a911f3c0e77b39bb5c0a4325b7814467f0fa2f2
SHA256

d6b40904d2d07a8bed76920e5bd77beb993944655ddfd9b2f370eed3c4c9beff
SHA512

9adc73aaf79bc40dcd530e42762c42f2f4269d390cc998fd5756a3e0ad3a2a92d04a2e3c512aaf79a095780eea097bf173318470e73c83d04cb69918dbe11eaa
SSDEEP

6144:0flfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:0flfAsiVGjSGecvX

Score

10^/10

Malware Config

Targets

- Target
  
  d6b40904d2d07a8bed76920e5bd77beb993944655ddfd9b2f370eed3c4c9beff
- Size
  
  361KB
- MD5
  
  0a833f395e5ea4d8009636030b54c6b0
- SHA1
  
  1a911f3c0e77b39bb5c0a4325b7814467f0fa2f2
- SHA256
  
  d6b40904d2d07a8bed76920e5bd77beb993944655ddfd9b2f370eed3c4c9beff
- SHA512
  
  9adc73aaf79bc40dcd530e42762c42f2f4269d390cc998fd5756a3e0ad3a2a92d04a2e3c512aaf79a095780eea097bf173318470e73c83d04cb69918dbe11eaa
- SSDEEP
  
  6144:0flfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:0flfAsiVGjSGecvX
Score

10^/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2