33be75c2624f10525bbc8e6219a9c87e56fa0974ef197e3b0b063e81c3d51303 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

33be75c2624f10525bbc8e6219a9c87e56fa0974ef197e3b0b063e81c3d51303
Size

272KB
Sample

221020-cbn6yahec3
MD5

741552532669436e436a234fb2472d30
SHA1

b87b7d646ec35559a179ebe5f29ec5d97400da24
SHA256

33be75c2624f10525bbc8e6219a9c87e56fa0974ef197e3b0b063e81c3d51303
SHA512

76a546ffae3d288353815692fb20c7f4eb1bc6aa80063809124ce95f57f37edcac341ff373aa46c749fc31373ab723505d8088badc3aa7013c41d6f8a337bbbb
SSDEEP

6144:tLdzWo6yNVfTBXRHOC/1WUEWyKakBqhUWeVSg:thGyNV7BBWeYg

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  33be75c2624f10525bbc8e6219a9c87e56fa0974ef197e3b0b063e81c3d51303
- Size
  
  272KB
- MD5
  
  741552532669436e436a234fb2472d30
- SHA1
  
  b87b7d646ec35559a179ebe5f29ec5d97400da24
- SHA256
  
  33be75c2624f10525bbc8e6219a9c87e56fa0974ef197e3b0b063e81c3d51303
- SHA512
  
  76a546ffae3d288353815692fb20c7f4eb1bc6aa80063809124ce95f57f37edcac341ff373aa46c749fc31373ab723505d8088badc3aa7013c41d6f8a337bbbb
- SSDEEP
  
  6144:tLdzWo6yNVfTBXRHOC/1WUEWyKakBqhUWeVSg:thGyNV7BBWeYg
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2