7ff1e5591884821027c211ee2cbca5e94f6784caaa1dc3462ede047daf831570 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ReduceMemory.zip
Size

958KB
Sample

230203-h6cdhsce48
MD5

45bb9b01f7690f5adb73923ef41f5633
SHA1

5e495716edfa173af572a2763de4dbb38b31aa3d
SHA256

7ff1e5591884821027c211ee2cbca5e94f6784caaa1dc3462ede047daf831570
SHA512

49fa79a8d2705a5016986a3925d6d846ebd15d4613d8fc1d770414f890c990a95b4cd86987fef8fb03fbf73a823ac9eccfbcd94cb7bf0da9acde7e3a05c1196d
SSDEEP

12288:KDfKjP5ZZ92R96kIphP0fyeWFpI/0BKSxq42IOX0i0dsbznkrkYqXTxh4DXdp5b4:WCTtphP0wwSY/JEDqM8QPsFhQiU+

Score

10^/10

Malware Config

Targets

- Target
  
  ReduceMemory/ReduceMemory.exe
- Size
  
  776KB
- MD5
  
  0d626331715cc35aa377a8503f85c92a
- SHA1
  
  26aad89595f00068151d3676297ceec394e718af
- SHA256
  
  3e541100c869dba06ee62252a9661e5a06c2e685a7ddd5288ea1358703412385
- SHA512
  
  6dcdc39672dd00873c55753ba02ad05dc61ef028a4de385d5af38f30c4959342ac25f0ae936a19fb29100a49ab379f16f5288578434e1aea83b03e596d999996
- SSDEEP
  
  12288:UaWzgMg7v3qnCiHErQohh0F4aCJ8lny7QSpJJ9vZ+dAy2s:LaHMv6C7rjCny7QQx+Is
Score

10^/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
behavioral1 behavioral2
- Target
  
  ReduceMemory/ReduceMemory_x64.exe
- Size
  
  924KB
- MD5
  
  8a7c9501419cf48e10e922389108f49b
- SHA1
  
  e245780a7d462ed290aba299edd4ac669b416d7f
- SHA256
  
  21ea7a4dbc85a2e87cd9f107dfd6da64fb7efff659c5fcaccbfef74494d21aad
- SHA512
  
  7cf0c17ec4f570c0c584356e3953848f99324b651ce5c417de76587d1c9a92d1101c773250807c63e5b1439d230a173e17b6d436a6bf26510f289ae7dc800380
- SSDEEP
  
  24576:72DW/xbeX2YIbmQsu3/PNLEQ2HySr7gqiy5:72EqXTQsW/PNIQOXgqi0
Score

10^/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
behavioral3 behavioral4

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4