a292902236a256ab0d57e299a7381f89ca146e5e72440de7bdddff5eb58fd90e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a292902236a256ab0d57e299a7381f89ca146e5e72440de7bdddff5eb58fd90e
Size

361KB
Sample

221202-z18cfaeb65
MD5

f39e827caa6b6afe35930c1a52279626
SHA1

da9edf26d5e41ccf050ab95ec40e527f252c8049
SHA256

a292902236a256ab0d57e299a7381f89ca146e5e72440de7bdddff5eb58fd90e
SHA512

07b5a27fd31accd5469581f71c5f817e3e0fc1fc90d6cb91acc584de7f7c34264ff50a36bba22a07e626f141d514470818308bb3ba276f7ee7b92e01ab445f58
SSDEEP

6144:ZflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:ZflfAsiVGjSGecvX

Score

10^/10

Malware Config

Targets

- Target
  
  a292902236a256ab0d57e299a7381f89ca146e5e72440de7bdddff5eb58fd90e
- Size
  
  361KB
- MD5
  
  f39e827caa6b6afe35930c1a52279626
- SHA1
  
  da9edf26d5e41ccf050ab95ec40e527f252c8049
- SHA256
  
  a292902236a256ab0d57e299a7381f89ca146e5e72440de7bdddff5eb58fd90e
- SHA512
  
  07b5a27fd31accd5469581f71c5f817e3e0fc1fc90d6cb91acc584de7f7c34264ff50a36bba22a07e626f141d514470818308bb3ba276f7ee7b92e01ab445f58
- SSDEEP
  
  6144:ZflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:ZflfAsiVGjSGecvX
Score

10^/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2