3c220bdf4633d0a42310a0547ec592caf432c351a4a8df0c68a78bd408d26716 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3c220bdf4633d0a42310a0547ec592caf432c351a4a8df0c68a78bd408d26716
Size

315KB
Sample

221002-km5xtshcbr
MD5

6739c0a55ac3fc99f87ef540c94015d0
SHA1

e2666e656efd4dce2c9ea257a65d1d81cf8351b0
SHA256

3c220bdf4633d0a42310a0547ec592caf432c351a4a8df0c68a78bd408d26716
SHA512

54fee8945d8b6a9a42c5c5ba5e70f4649526d2e6d5e2707d97883dadc5b650350de143941083dd12c43a2de57baae08261600d7693c35a6b54ba798d46175f62
SSDEEP

6144:QreyVm/vbUzkuvcBYC47l2x1SVkJlzhrx7iY+1t8sBf4+sO6Xd5y5x98D:QrzVm/kkuveY3MGWzlx7DMS7dG98D

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  3c220bdf4633d0a42310a0547ec592caf432c351a4a8df0c68a78bd408d26716
- Size
  
  315KB
- MD5
  
  6739c0a55ac3fc99f87ef540c94015d0
- SHA1
  
  e2666e656efd4dce2c9ea257a65d1d81cf8351b0
- SHA256
  
  3c220bdf4633d0a42310a0547ec592caf432c351a4a8df0c68a78bd408d26716
- SHA512
  
  54fee8945d8b6a9a42c5c5ba5e70f4649526d2e6d5e2707d97883dadc5b650350de143941083dd12c43a2de57baae08261600d7693c35a6b54ba798d46175f62
- SSDEEP
  
  6144:QreyVm/vbUzkuvcBYC47l2x1SVkJlzhrx7iY+1t8sBf4+sO6Xd5y5x98D:QrzVm/kkuveY3MGWzlx7DMS7dG98D
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2