8204e07bfa29aab98720124bf196dedf9fff662e32d010e4aac04294a965a301 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8204e07bfa29aab98720124bf196dedf9fff662e32d010e4aac04294a965a301
Size

361KB
Sample

221205-yzcnpscc79
MD5

5846c7fb4626e9c450a0d85e4c0495a7
SHA1

7a22cc181f2cc5deb49d78b837897087e73686ae
SHA256

8204e07bfa29aab98720124bf196dedf9fff662e32d010e4aac04294a965a301
SHA512

8203f9b12fdbac7de224607df47a29bfa29f6b16c4c3ac98c59a654e1acf40fc0375235c9500ebca9eddf189de03d9e3cdd5d9e525290c3899f235780accf47c
SSDEEP

6144:HflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:HflfAsiVGjSGecvX

Score

10^/10

Malware Config

Targets

- Target
  
  8204e07bfa29aab98720124bf196dedf9fff662e32d010e4aac04294a965a301
- Size
  
  361KB
- MD5
  
  5846c7fb4626e9c450a0d85e4c0495a7
- SHA1
  
  7a22cc181f2cc5deb49d78b837897087e73686ae
- SHA256
  
  8204e07bfa29aab98720124bf196dedf9fff662e32d010e4aac04294a965a301
- SHA512
  
  8203f9b12fdbac7de224607df47a29bfa29f6b16c4c3ac98c59a654e1acf40fc0375235c9500ebca9eddf189de03d9e3cdd5d9e525290c3899f235780accf47c
- SSDEEP
  
  6144:HflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:HflfAsiVGjSGecvX
Score

10^/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2