9773bcd1383410649884abe2985277f4d51e839f6f49446d13ab67e0bd18f413 | Triage

Resubmissions

21/08/2023, 17:01

230821-vjzxhsgb5z 10

21/08/2023, 17:00

230821-vh3xsaee62 10

21/08/2023, 16:24

230821-twc3vaec52 10

Sharing

General

Target

MS.exe
Size

9.9MB
Sample

230821-vh3xsaee62
MD5

ed1da88dca5699f9e01a7e4fa08be78c
SHA1

1cc67cbe8cf95217bd7f22a1e30702bf9d45e806
SHA256

9773bcd1383410649884abe2985277f4d51e839f6f49446d13ab67e0bd18f413
SHA512

4e5a80bbe65c90a25b6f7907acf269c46ddb0ad09ac859c806e03e3aa0854afcb4d08e1e4176b8dfe9b852b91f7bf1ab510f53ae6945b654083561ecc7a7e2ef
SSDEEP

98304:S0BBtfCIB45NkGHBYL8ue/G0w+13bqUbY78fxLjm0lVITfd58awFhYkORmpHVh5p:SQqIBkNduyBK8fvhV+p6e768ER

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  MS.exe
- Size
  
  9.9MB
- MD5
  
  ed1da88dca5699f9e01a7e4fa08be78c
- SHA1
  
  1cc67cbe8cf95217bd7f22a1e30702bf9d45e806
- SHA256
  
  9773bcd1383410649884abe2985277f4d51e839f6f49446d13ab67e0bd18f413
- SHA512
  
  4e5a80bbe65c90a25b6f7907acf269c46ddb0ad09ac859c806e03e3aa0854afcb4d08e1e4176b8dfe9b852b91f7bf1ab510f53ae6945b654083561ecc7a7e2ef
- SSDEEP
  
  98304:S0BBtfCIB45NkGHBYL8ue/G0w+13bqUbY78fxLjm0lVITfd58awFhYkORmpHVh5p:SQqIBkNduyBK8fvhV+p6e768ER
Score

10^/10

evasion
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Stops running service(s)
  evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1