73ceddcee12e222bd40d57f3d9eec8d43964d3488368c534e0ab8dcdc717984d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

73ceddcee12e222bd40d57f3d9eec8d43964d3488368c534e0ab8dcdc717984d
Size

361KB
Sample

221129-r9atjach8y
MD5

1a4852c02e5fe42ea7fceec0cf85386a
SHA1

e6e51b540a376541742377ba8a4abde852850499
SHA256

73ceddcee12e222bd40d57f3d9eec8d43964d3488368c534e0ab8dcdc717984d
SHA512

74f7801d08421c7f0af25b4029df27d7f5d2982d730d8997302dd6eec6e8641c07f391a2586a8b7f15d363920de60af17780e312b1b0121e79fa4558a31d4c1d
SSDEEP

6144:lflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:lflfAsiVGjSGecvX

Score

10^/10

Malware Config

Targets

- Target
  
  73ceddcee12e222bd40d57f3d9eec8d43964d3488368c534e0ab8dcdc717984d
- Size
  
  361KB
- MD5
  
  1a4852c02e5fe42ea7fceec0cf85386a
- SHA1
  
  e6e51b540a376541742377ba8a4abde852850499
- SHA256
  
  73ceddcee12e222bd40d57f3d9eec8d43964d3488368c534e0ab8dcdc717984d
- SHA512
  
  74f7801d08421c7f0af25b4029df27d7f5d2982d730d8997302dd6eec6e8641c07f391a2586a8b7f15d363920de60af17780e312b1b0121e79fa4558a31d4c1d
- SSDEEP
  
  6144:lflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:lflfAsiVGjSGecvX
Score

10^/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2