bbdd53e4a55fc050412ad568f4183d142008bd1c498bd4e7acde0acc27e3f042 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bbdd53e4a55fc050412ad568f4183d142008bd1c498bd4e7acde0acc27e3f042
Size

361KB
Sample

221129-r6yfeshh88
MD5

6f40a0ddd2f7f249254d256aa362b500
SHA1

b85d8305fccea2bf645b204108f99dfa613fe4cb
SHA256

bbdd53e4a55fc050412ad568f4183d142008bd1c498bd4e7acde0acc27e3f042
SHA512

c4ea4a895b125e4448c8307bdb1afcf576dfae2db211cfbcb07882e2c6526dd8a256af3fe4fa6e2095fccd78fc86ae60e434cceecc519b9ce174d2a9a2af78c7
SSDEEP

6144:uflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:uflfAsiVGjSGecvX

Score

10^/10

Malware Config

Targets

- Target
  
  bbdd53e4a55fc050412ad568f4183d142008bd1c498bd4e7acde0acc27e3f042
- Size
  
  361KB
- MD5
  
  6f40a0ddd2f7f249254d256aa362b500
- SHA1
  
  b85d8305fccea2bf645b204108f99dfa613fe4cb
- SHA256
  
  bbdd53e4a55fc050412ad568f4183d142008bd1c498bd4e7acde0acc27e3f042
- SHA512
  
  c4ea4a895b125e4448c8307bdb1afcf576dfae2db211cfbcb07882e2c6526dd8a256af3fe4fa6e2095fccd78fc86ae60e434cceecc519b9ce174d2a9a2af78c7
- SSDEEP
  
  6144:uflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:uflfAsiVGjSGecvX
Score

10^/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2