fd4ae59beefdc66dbcf109e4394bb1b9629e906b35e7ed485de763a7c1df5fc2 | Triage

Sharing

General

Target

fd4ae59beefdc66dbcf109e4394bb1b9629e906b35e7ed485de763a7c1df5fc2
Size

361KB
Sample

221204-ktk61ahc5z
MD5

43e8fbe90cae86a1b12e119db1f49ab0
SHA1

f345b6592b283601e9e232219c4bc78439d25565
SHA256

fd4ae59beefdc66dbcf109e4394bb1b9629e906b35e7ed485de763a7c1df5fc2
SHA512

1e82d00738d3af31c7fb8bdc218dc425095d9e851b834b62bc6013118d74251a8d7f77010c1ff7fba12c9ca6c527598c645e91b4994dbee97f18c36c554bd4ec
SSDEEP

6144:JflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:JflfAsiVGjSGecvX

Score

10^/10

Malware Config

Targets

- Target
  
  fd4ae59beefdc66dbcf109e4394bb1b9629e906b35e7ed485de763a7c1df5fc2
- Size
  
  361KB
- MD5
  
  43e8fbe90cae86a1b12e119db1f49ab0
- SHA1
  
  f345b6592b283601e9e232219c4bc78439d25565
- SHA256
  
  fd4ae59beefdc66dbcf109e4394bb1b9629e906b35e7ed485de763a7c1df5fc2
- SHA512
  
  1e82d00738d3af31c7fb8bdc218dc425095d9e851b834b62bc6013118d74251a8d7f77010c1ff7fba12c9ca6c527598c645e91b4994dbee97f18c36c554bd4ec
- SSDEEP
  
  6144:JflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:JflfAsiVGjSGecvX
Score

10^/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2