af6fab41d6cd4f27bc30a6348989cf7ce77a36f5ceae46851b38222c9763e817 | Triage

Sharing

General

Target

af6fab41d6cd4f27bc30a6348989cf7ce77a36f5ceae46851b38222c9763e817
Size

361KB
Sample

221129-r67zvscg4x
MD5

fd6e677e34a77ee85aee3df8382bce73
SHA1

e26bf77728ddaa3e2634281d9b7fd6c149353da7
SHA256

af6fab41d6cd4f27bc30a6348989cf7ce77a36f5ceae46851b38222c9763e817
SHA512

ad6e02e2a8eea4716c1827412313021af2ce25cc8948461e9e88e4e0a64c9c7eea3dfd9ba8586ecc35fb50bff8cac9a0e950bcedc5cd6802c4b8ceeedca946cf
SSDEEP

6144:CflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:CflfAsiVGjSGecvX

Score

10^/10

Malware Config

Targets

- Target
  
  af6fab41d6cd4f27bc30a6348989cf7ce77a36f5ceae46851b38222c9763e817
- Size
  
  361KB
- MD5
  
  fd6e677e34a77ee85aee3df8382bce73
- SHA1
  
  e26bf77728ddaa3e2634281d9b7fd6c149353da7
- SHA256
  
  af6fab41d6cd4f27bc30a6348989cf7ce77a36f5ceae46851b38222c9763e817
- SHA512
  
  ad6e02e2a8eea4716c1827412313021af2ce25cc8948461e9e88e4e0a64c9c7eea3dfd9ba8586ecc35fb50bff8cac9a0e950bcedc5cd6802c4b8ceeedca946cf
- SSDEEP
  
  6144:CflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:CflfAsiVGjSGecvX
Score

10^/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2