b6237ce8a27b94f82628050897215257bd4466721b50c13b285e95dc29c3057c | Triage

Sharing

General

Target

b6237ce8a27b94f82628050897215257bd4466721b50c13b285e95dc29c3057c
Size

361KB
Sample

221202-z1bngaea93
MD5

4eea01266c594b5527408d62b2d71116
SHA1

78f505f4374a8b321874dff273ce03df657a23a1
SHA256

b6237ce8a27b94f82628050897215257bd4466721b50c13b285e95dc29c3057c
SHA512

c20d2e2eb4a1079780f3dd165fbe5003126e7249a811e64e35cae3c4e027d020821a7ccec30e557db8849110c8cec9dc9ec2a93a7079cf3b328eaef1914d6248
SSDEEP

6144:bflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:bflfAsiVGjSGecvX

Score

10^/10

Malware Config

Targets

- Target
  
  b6237ce8a27b94f82628050897215257bd4466721b50c13b285e95dc29c3057c
- Size
  
  361KB
- MD5
  
  4eea01266c594b5527408d62b2d71116
- SHA1
  
  78f505f4374a8b321874dff273ce03df657a23a1
- SHA256
  
  b6237ce8a27b94f82628050897215257bd4466721b50c13b285e95dc29c3057c
- SHA512
  
  c20d2e2eb4a1079780f3dd165fbe5003126e7249a811e64e35cae3c4e027d020821a7ccec30e557db8849110c8cec9dc9ec2a93a7079cf3b328eaef1914d6248
- SSDEEP
  
  6144:bflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:bflfAsiVGjSGecvX
Score

10^/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2