5a79b76087ba533fabf82d2c8c4e1edb2675bc0fae7f6b093f0fa92bcc881380 | Triage

Sharing

General

Target

5a79b76087ba533fabf82d2c8c4e1edb2675bc0fae7f6b093f0fa92bcc881380
Size

361KB
Sample

221205-y1gztacd89
MD5

559c96b48faaf2f57bf43c130e978f97
SHA1

988216910ed96a6847c03e847a628e69c7687be4
SHA256

5a79b76087ba533fabf82d2c8c4e1edb2675bc0fae7f6b093f0fa92bcc881380
SHA512

d2fefd26f9493e8ed748a0218129280eca86530f6992dd63a0fba4ba3b4ba1cdf9c5d2c067d18bc110d031e3395a29e371bf27d972642f84cfbff66a854c826f
SSDEEP

6144:BflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:BflfAsiVGjSGecvX

Score

10^/10

Malware Config

Targets

- Target
  
  5a79b76087ba533fabf82d2c8c4e1edb2675bc0fae7f6b093f0fa92bcc881380
- Size
  
  361KB
- MD5
  
  559c96b48faaf2f57bf43c130e978f97
- SHA1
  
  988216910ed96a6847c03e847a628e69c7687be4
- SHA256
  
  5a79b76087ba533fabf82d2c8c4e1edb2675bc0fae7f6b093f0fa92bcc881380
- SHA512
  
  d2fefd26f9493e8ed748a0218129280eca86530f6992dd63a0fba4ba3b4ba1cdf9c5d2c067d18bc110d031e3395a29e371bf27d972642f84cfbff66a854c826f
- SSDEEP
  
  6144:BflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:BflfAsiVGjSGecvX
Score

10^/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2