612937de6a7ae573ff13b36879bdc62669fa8c3cd3dd4ef471f8fd12942da368 | Triage

Sharing

General

Target

612937de6a7ae573ff13b36879bdc62669fa8c3cd3dd4ef471f8fd12942da368
Size

361KB
Sample

221202-w73hzscd65
MD5

d988f7c24487d404f70c1b65df1281b1
SHA1

2d936e717f028e3bf261b5ee4303f2534c4298be
SHA256

612937de6a7ae573ff13b36879bdc62669fa8c3cd3dd4ef471f8fd12942da368
SHA512

b47f9e50da92f82d2d443489f7ae899f1c68d2bbef5fb4e646d4780a0bc2da7fc6245f6ffdebaec21b36a42fb243bffb304a83bdf83e0e3507e4cf60ea94c94e
SSDEEP

6144:KflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:KflfAsiVGjSGecvX

Score

10^/10

Malware Config

Targets

- Target
  
  612937de6a7ae573ff13b36879bdc62669fa8c3cd3dd4ef471f8fd12942da368
- Size
  
  361KB
- MD5
  
  d988f7c24487d404f70c1b65df1281b1
- SHA1
  
  2d936e717f028e3bf261b5ee4303f2534c4298be
- SHA256
  
  612937de6a7ae573ff13b36879bdc62669fa8c3cd3dd4ef471f8fd12942da368
- SHA512
  
  b47f9e50da92f82d2d443489f7ae899f1c68d2bbef5fb4e646d4780a0bc2da7fc6245f6ffdebaec21b36a42fb243bffb304a83bdf83e0e3507e4cf60ea94c94e
- SSDEEP
  
  6144:KflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:KflfAsiVGjSGecvX
Score

10^/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2