f2dee10b440d0e0d0ddf1de5125e05fdbae7fd8e6b61f02bb6c98f70f78027d1 | Triage

Sharing

General

Target

f2dee10b440d0e0d0ddf1de5125e05fdbae7fd8e6b61f02bb6c98f70f78027d1
Size

33KB
Sample

221001-1xhhaaafbp
MD5

6e4ff4bd79a26596bd4c482c1bb48b46
SHA1

a5b7d1874bb17fcff30c5a444718e9dcc678cd4a
SHA256

f2dee10b440d0e0d0ddf1de5125e05fdbae7fd8e6b61f02bb6c98f70f78027d1
SHA512

3b355c8dddbbecd7362136f675a1dfef688fe536fd8fabe4ea349ebd8ce978631252e78d1791056684d43b4a647abf26b33835a62dbd1cc415fe3b925fe44d0a
SSDEEP

384:PuH+6ahr6YDUCCR0FaJgffmFdJwYDcRw45H0rikLKY:Pk+5nD7BaJgWFda4cJq

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  f2dee10b440d0e0d0ddf1de5125e05fdbae7fd8e6b61f02bb6c98f70f78027d1
- Size
  
  33KB
- MD5
  
  6e4ff4bd79a26596bd4c482c1bb48b46
- SHA1
  
  a5b7d1874bb17fcff30c5a444718e9dcc678cd4a
- SHA256
  
  f2dee10b440d0e0d0ddf1de5125e05fdbae7fd8e6b61f02bb6c98f70f78027d1
- SHA512
  
  3b355c8dddbbecd7362136f675a1dfef688fe536fd8fabe4ea349ebd8ce978631252e78d1791056684d43b4a647abf26b33835a62dbd1cc415fe3b925fe44d0a
- SSDEEP
  
  384:PuH+6ahr6YDUCCR0FaJgffmFdJwYDcRw45H0rikLKY:Pk+5nD7BaJgWFda4cJq
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2