6986dcd77885aff516bbcc9192d06158a92bc3c0909354432d09b39a2c75c42b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6986dcd77885aff516bbcc9192d06158a92bc3c0909354432d09b39a2c75c42b
Size

361KB
Sample

221205-yz1erscd48
MD5

2c480ac0bf6bd649feae3568ea2303bd
SHA1

1107b109246056391664e95ca05505e0ddcefa49
SHA256

6986dcd77885aff516bbcc9192d06158a92bc3c0909354432d09b39a2c75c42b
SHA512

b69bc8f31a0d56b510e1e6e5bf6b1eec2192a287f0f8822372fb0ecf4b18f07895249ee189425d50db47947f62f6391b09915c4d6fed02a472d28023c406406e
SSDEEP

6144:GflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:GflfAsiVGjSGecvX

Score

10^/10

Malware Config

Targets

- Target
  
  6986dcd77885aff516bbcc9192d06158a92bc3c0909354432d09b39a2c75c42b
- Size
  
  361KB
- MD5
  
  2c480ac0bf6bd649feae3568ea2303bd
- SHA1
  
  1107b109246056391664e95ca05505e0ddcefa49
- SHA256
  
  6986dcd77885aff516bbcc9192d06158a92bc3c0909354432d09b39a2c75c42b
- SHA512
  
  b69bc8f31a0d56b510e1e6e5bf6b1eec2192a287f0f8822372fb0ecf4b18f07895249ee189425d50db47947f62f6391b09915c4d6fed02a472d28023c406406e
- SSDEEP
  
  6144:GflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:GflfAsiVGjSGecvX
Score

10^/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2