a5abffda892f2d529ee54b4ed30716d693c7dc762d3c294f0dbf492d3776fb53 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a5abffda892f2d529ee54b4ed30716d693c7dc762d3c294f0dbf492d3776fb53
Size

326KB
Sample

221019-r2zgxscfan
MD5

a23b76bb2640cd82bf0acdb2bd4e4890
SHA1

899ac005d350cd8343b9216adb9c34750dc7797b
SHA256

a5abffda892f2d529ee54b4ed30716d693c7dc762d3c294f0dbf492d3776fb53
SHA512

8cf666fccff201337ffe5a2594ec7bb108b84cd455e538badf5d3115755df030123145f1db7f9604ad3f8625502a111154f76de9b094e43745593dcf37cd7309
SSDEEP

6144:yr4I9uEo2S1YnQmCX492DkwNP3qpYFuT9U1FZA5MRwxuhhfch6clgc:yr4gu6/eIo4nULZKMRwxuPfk6E

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  a5abffda892f2d529ee54b4ed30716d693c7dc762d3c294f0dbf492d3776fb53
- Size
  
  326KB
- MD5
  
  a23b76bb2640cd82bf0acdb2bd4e4890
- SHA1
  
  899ac005d350cd8343b9216adb9c34750dc7797b
- SHA256
  
  a5abffda892f2d529ee54b4ed30716d693c7dc762d3c294f0dbf492d3776fb53
- SHA512
  
  8cf666fccff201337ffe5a2594ec7bb108b84cd455e538badf5d3115755df030123145f1db7f9604ad3f8625502a111154f76de9b094e43745593dcf37cd7309
- SSDEEP
  
  6144:yr4I9uEo2S1YnQmCX492DkwNP3qpYFuT9U1FZA5MRwxuhhfch6clgc:yr4gu6/eIo4nULZKMRwxuPfk6E
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2