f7b3bf4616cffa16972fbefad120f2f2b603659af30bf1b6b7ee614134e6af7d | Triage

Resubmissions

25/09/2024, 13:00

240925-p8w92awgml 10

25/09/2024, 12:58

240925-p7skfswfqq 10

Sharing

Copy URL Twitter E-mail

General

Target

clean-dropper.exe
Size

556KB
Sample

240925-p7skfswfqq
MD5

9678158d390f6a61a64eff9c67c7264f
SHA1

a9dd9bc1ff0bb1de67c2fb7a11023569c8972157
SHA256

f7b3bf4616cffa16972fbefad120f2f2b603659af30bf1b6b7ee614134e6af7d
SHA512

214ea34f775136a1270c5341948c40c28e5d65eeb64783c602731856da72172f88aa68d2c3d70ad4265cd3179b5e1f10adff02718e85eb9eac7fa7144a0f872e
SSDEEP

12288:tPACp3CFp6SYPFsBGEKlsOK8dk9AGNR4:tPLp3CFp6S9Bylo8dGn

Score

10^/10

Malware Config

Targets

- Target
  
  clean-dropper.exe
- Size
  
  556KB
- MD5
  
  9678158d390f6a61a64eff9c67c7264f
- SHA1
  
  a9dd9bc1ff0bb1de67c2fb7a11023569c8972157
- SHA256
  
  f7b3bf4616cffa16972fbefad120f2f2b603659af30bf1b6b7ee614134e6af7d
- SHA512
  
  214ea34f775136a1270c5341948c40c28e5d65eeb64783c602731856da72172f88aa68d2c3d70ad4265cd3179b5e1f10adff02718e85eb9eac7fa7144a0f872e
- SSDEEP
  
  12288:tPACp3CFp6SYPFsBGEKlsOK8dk9AGNR4:tPLp3CFp6S9Bylo8dGn
Score

10^/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Downloads MZ/PE file
- Deletes itself
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4