5fc8962c2a61a54403dbbbd6131582274b7a9c0d8f686793ff51b464915f0cd8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5fc8962c2a61a54403dbbbd6131582274b7a9c0d8f686793ff51b464915f0cd8
Size

361KB
Sample

221202-z5d96aee37
MD5

1640a7c4f4fa54a78bba9065695e5a13
SHA1

c0982cd9dcce37ed3cf2249b3596dbad56104421
SHA256

5fc8962c2a61a54403dbbbd6131582274b7a9c0d8f686793ff51b464915f0cd8
SHA512

3ac8cdb5ca891e6fd783fe389aca3cb515cbdc10baab1d7fc17b5fabf05e956ed6f55acfc58fb383ef16c0f7fa707f2ede1e9a92a5e0fc1ed94ffac1556f012a
SSDEEP

6144:JflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:JflfAsiVGjSGecvX

Score

10^/10

Malware Config

Targets

- Target
  
  5fc8962c2a61a54403dbbbd6131582274b7a9c0d8f686793ff51b464915f0cd8
- Size
  
  361KB
- MD5
  
  1640a7c4f4fa54a78bba9065695e5a13
- SHA1
  
  c0982cd9dcce37ed3cf2249b3596dbad56104421
- SHA256
  
  5fc8962c2a61a54403dbbbd6131582274b7a9c0d8f686793ff51b464915f0cd8
- SHA512
  
  3ac8cdb5ca891e6fd783fe389aca3cb515cbdc10baab1d7fc17b5fabf05e956ed6f55acfc58fb383ef16c0f7fa707f2ede1e9a92a5e0fc1ed94ffac1556f012a
- SSDEEP
  
  6144:JflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:JflfAsiVGjSGecvX
Score

10^/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2