88124ceeec483223de3758ac271e48e36a4d6fadebd27e2d995634101e9f0908 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

88124ceeec483223de3758ac271e48e36a4d6fadebd27e2d995634101e9f0908
Size

361KB
Sample

221205-yyzf3scc54
MD5

3a299aa36d505322194a80520303ffd0
SHA1

da08ec38957958a8d7e1ae85ef0be29df9ec3f35
SHA256

88124ceeec483223de3758ac271e48e36a4d6fadebd27e2d995634101e9f0908
SHA512

39d483652ede98375a45d4415d7fe4ffc3a98af338a72c88ceb15f3403df2f52a95e069e6ca4b13dc76c15c817d80a3062b46a3b14b3c68b27a694a56163e39f
SSDEEP

6144:vflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:vflfAsiVGjSGecvX

Score

10^/10

Malware Config

Targets

- Target
  
  88124ceeec483223de3758ac271e48e36a4d6fadebd27e2d995634101e9f0908
- Size
  
  361KB
- MD5
  
  3a299aa36d505322194a80520303ffd0
- SHA1
  
  da08ec38957958a8d7e1ae85ef0be29df9ec3f35
- SHA256
  
  88124ceeec483223de3758ac271e48e36a4d6fadebd27e2d995634101e9f0908
- SHA512
  
  39d483652ede98375a45d4415d7fe4ffc3a98af338a72c88ceb15f3403df2f52a95e069e6ca4b13dc76c15c817d80a3062b46a3b14b3c68b27a694a56163e39f
- SSDEEP
  
  6144:vflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:vflfAsiVGjSGecvX
Score

10^/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2