ca09090772201fbfb8253ea6220394935206e9330782feecff757bb583683bda | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ca09090772201fbfb8253ea6220394935206e9330782feecff757bb583683bda
Size

361KB
Sample

221129-nbn2qagb2z
MD5

2073aad9b6842840eeb1e9fc5a3790ed
SHA1

51a0af5f7ee71a82f92020cb0ec1fee221159281
SHA256

ca09090772201fbfb8253ea6220394935206e9330782feecff757bb583683bda
SHA512

762357992fde1e904cc384dbcac01c8a185a8d38f8b99a05e950e5256e059bf87e4acf269f87fdae1357cd2ec257e99ee6862ffcc3e119baecd5892e448845e6
SSDEEP

6144:FflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:FflfAsiVGjSGecvX

Score

10^/10

Malware Config

Targets

- Target
  
  ca09090772201fbfb8253ea6220394935206e9330782feecff757bb583683bda
- Size
  
  361KB
- MD5
  
  2073aad9b6842840eeb1e9fc5a3790ed
- SHA1
  
  51a0af5f7ee71a82f92020cb0ec1fee221159281
- SHA256
  
  ca09090772201fbfb8253ea6220394935206e9330782feecff757bb583683bda
- SHA512
  
  762357992fde1e904cc384dbcac01c8a185a8d38f8b99a05e950e5256e059bf87e4acf269f87fdae1357cd2ec257e99ee6862ffcc3e119baecd5892e448845e6
- SSDEEP
  
  6144:FflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:FflfAsiVGjSGecvX
Score

10^/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2