b51873ae98316c03ceceaa52c3c6dc30df531f04a0b41476ab95109b3dc45850 | Triage

Sharing

General

Target

b51873ae98316c03ceceaa52c3c6dc30df531f04a0b41476ab95109b3dc45850
Size

361KB
Sample

221203-wkk1esfh3z
MD5

79301cf6514d1378083aac4d377207ee
SHA1

6e53355836152696125bc1ffd9ddb55df3f3e81d
SHA256

b51873ae98316c03ceceaa52c3c6dc30df531f04a0b41476ab95109b3dc45850
SHA512

1aaf59566fdeb5a14a3d2a773623c27acbe7b4bf51ce93ea90e580714108fc0bc202976959a1dba4bbd2aa2c02678ecbe75f1b01a67f2072f3ff025313f246e0
SSDEEP

6144:OflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:OflfAsiVGjSGecvX

Score

10^/10

Malware Config

Targets

- Target
  
  b51873ae98316c03ceceaa52c3c6dc30df531f04a0b41476ab95109b3dc45850
- Size
  
  361KB
- MD5
  
  79301cf6514d1378083aac4d377207ee
- SHA1
  
  6e53355836152696125bc1ffd9ddb55df3f3e81d
- SHA256
  
  b51873ae98316c03ceceaa52c3c6dc30df531f04a0b41476ab95109b3dc45850
- SHA512
  
  1aaf59566fdeb5a14a3d2a773623c27acbe7b4bf51ce93ea90e580714108fc0bc202976959a1dba4bbd2aa2c02678ecbe75f1b01a67f2072f3ff025313f246e0
- SSDEEP
  
  6144:OflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:OflfAsiVGjSGecvX
Score

10^/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2