d17cd401364d1ae642d731d07487cdb22cf65ece55659dac69ca085bdbf2e5c5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1updater.exe
Size

5.4MB
Sample

231014-vntlasgb6y
MD5

6b186608ae3467e83e87954d8c8ce06e
SHA1

3bcfc7969c0376f96c30f2b7dd69ffefb6300316
SHA256

d17cd401364d1ae642d731d07487cdb22cf65ece55659dac69ca085bdbf2e5c5
SHA512

89f0b8e3c963ecd6ddbc68a879d29ff298f636670ec4eb837c50e0762bd472d7cf8b108003a86669a494662e955c9348b5778913b5c63c85f7719430c6be7a42
SSDEEP

98304:boeztU1HO7vybyLn5s9TP6FGS7IY8uhv88+MHLQTJUGuMoNPDtxCnQWUpUstI:U9CKbyLnK9T1PYLh881HOUZpNbGRULu

Score

10^/10

Malware Config

Targets

- Target
  
  1updater.exe
- Size
  
  5.4MB
- MD5
  
  6b186608ae3467e83e87954d8c8ce06e
- SHA1
  
  3bcfc7969c0376f96c30f2b7dd69ffefb6300316
- SHA256
  
  d17cd401364d1ae642d731d07487cdb22cf65ece55659dac69ca085bdbf2e5c5
- SHA512
  
  89f0b8e3c963ecd6ddbc68a879d29ff298f636670ec4eb837c50e0762bd472d7cf8b108003a86669a494662e955c9348b5778913b5c63c85f7719430c6be7a42
- SSDEEP
  
  98304:boeztU1HO7vybyLn5s9TP6FGS7IY8uhv88+MHLQTJUGuMoNPDtxCnQWUpUstI:U9CKbyLnK9T1PYLh881HOUZpNbGRULu
Score

10^/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1