57fd6973ae1ee5bc249420f5bfae5737bc4c9cbbf0caac146194044d390f9efc | Triage

Sharing

General

Target

57fd6973ae1ee5bc249420f5bfae5737bc4c9cbbf0caac146194044d390f9efc
Size

178KB
Sample

191213-8pdltp3nzn
MD5

7fd7b14acff688e84b811d03e1831552
SHA1

f3f4e4d2200d37b1f6b4a13ff61a0a1c4766ce04
SHA256

57fd6973ae1ee5bc249420f5bfae5737bc4c9cbbf0caac146194044d390f9efc
SHA512

93bcf1cf822095b5f74ea73e9e56739fe8e7fc80aa99a6ec1b91a5fca1fd14600d60ea0878595a53e6890b3c7edce6be894ebaa305233d50b1d336255fa9a5e4

Score

5^/10

Malware Config

Extracted

Language

ps1

Source

URLs

exe.dropper

http://kaikeline.com/1B/

exe.dropper

http://irpot.com/css/jRk5gg/

exe.dropper

http://kartcup.net/picture_library/eqop/

exe.dropper

http://lakelass.com/cgi-bin/2dhm/

exe.dropper

http://ouimet.biz/cgi-bin/l/

Targets

- Target
  
  57fd6973ae1ee5bc249420f5bfae5737bc4c9cbbf0caac146194044d390f9efc
- Size
  
  178KB
- MD5
  
  7fd7b14acff688e84b811d03e1831552
- SHA1
  
  f3f4e4d2200d37b1f6b4a13ff61a0a1c4766ce04
- SHA256
  
  57fd6973ae1ee5bc249420f5bfae5737bc4c9cbbf0caac146194044d390f9efc
- SHA512
  
  93bcf1cf822095b5f74ea73e9e56739fe8e7fc80aa99a6ec1b91a5fca1fd14600d60ea0878595a53e6890b3c7edce6be894ebaa305233d50b1d336255fa9a5e4
Score

5^/10
- Checks system information in the registry
  System information is often read in order to detect sandboxing environments.
task1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

task1

dropperexploitermaldoc