aaa0ca6403b43a479f6da7c92b4a674028b3e459c1bafd2e6600594af6e64587 | Triage

Sharing

General

Target

aaa0ca6403b43a479f6da7c92b4a674028b3e459c1bafd2e6600594af6e64587
Size

488KB
Sample

221011-mk3qssadgn
MD5

6b06151e69a13a10f07b19ffa3a057b0
SHA1

12548e659c62b4e801bfdd8fc6f86b7800d30b6f
SHA256

aaa0ca6403b43a479f6da7c92b4a674028b3e459c1bafd2e6600594af6e64587
SHA512

84d60d12e0ca2ef7545897ae803158a6f4c3ec1766a864b977191de2e64551e3435bf8863538409a3d2f1d96625035ec91cfee1a907a4291c36815e8ef072ec9
SSDEEP

12288:IlHIeD3h/N1jpZNi9R+swevu2XVgwZC9W:VANtN8T

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  aaa0ca6403b43a479f6da7c92b4a674028b3e459c1bafd2e6600594af6e64587
- Size
  
  488KB
- MD5
  
  6b06151e69a13a10f07b19ffa3a057b0
- SHA1
  
  12548e659c62b4e801bfdd8fc6f86b7800d30b6f
- SHA256
  
  aaa0ca6403b43a479f6da7c92b4a674028b3e459c1bafd2e6600594af6e64587
- SHA512
  
  84d60d12e0ca2ef7545897ae803158a6f4c3ec1766a864b977191de2e64551e3435bf8863538409a3d2f1d96625035ec91cfee1a907a4291c36815e8ef072ec9
- SSDEEP
  
  12288:IlHIeD3h/N1jpZNi9R+swevu2XVgwZC9W:VANtN8T
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2