67e18a7359ea5b5f82924e255521757a1abd9b98bf802c23f6f462385c2f6b42 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

67e18a7359ea5b5f82924e255521757a1abd9b98bf802c23f6f462385c2f6b42
Size

361KB
Sample

221129-r9pmpaab76
MD5

4779ce91f6edc0555a156bf2b4658624
SHA1

e7782db97db1e36b9fb75cbbecd79043d60ea1d9
SHA256

67e18a7359ea5b5f82924e255521757a1abd9b98bf802c23f6f462385c2f6b42
SHA512

c870832ff5fe7ff3da7506788f1fb7c089d999ab9cd781fcf6b7650ee69c7cbc77e1b676cd313afa1cabffb9e8f14af12daaa57434884d6aa27b8fdf12e85661
SSDEEP

6144:YflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:YflfAsiVGjSGecvX

Score

10^/10

Malware Config

Targets

- Target
  
  67e18a7359ea5b5f82924e255521757a1abd9b98bf802c23f6f462385c2f6b42
- Size
  
  361KB
- MD5
  
  4779ce91f6edc0555a156bf2b4658624
- SHA1
  
  e7782db97db1e36b9fb75cbbecd79043d60ea1d9
- SHA256
  
  67e18a7359ea5b5f82924e255521757a1abd9b98bf802c23f6f462385c2f6b42
- SHA512
  
  c870832ff5fe7ff3da7506788f1fb7c089d999ab9cd781fcf6b7650ee69c7cbc77e1b676cd313afa1cabffb9e8f14af12daaa57434884d6aa27b8fdf12e85661
- SSDEEP
  
  6144:YflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:YflfAsiVGjSGecvX
Score

10^/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2