1f4f130ab23f6abe1dfc7a64889ffbf6ac71a0140027ae22ce06e9a6b40dc238 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1f4f130ab23f6abe1dfc7a64889ffbf6ac71a0140027ae22ce06e9a6b40dc238
Size

324KB
Sample

221021-d7b2xsadej
MD5

5d0502ab67a59c3769df355bcef42a10
SHA1

d0bf66dc0a7ac811dffe6bb9a12819711b68afbc
SHA256

1f4f130ab23f6abe1dfc7a64889ffbf6ac71a0140027ae22ce06e9a6b40dc238
SHA512

88301108e4560f80f2d6a153fd935c60b2e731c42ad12ee6db8b203045f889523647002c2e6fb6a8b3bd3efbbd669e5e0fb6b0dfce52b69c2fa6bb5701c33b2b
SSDEEP

6144:drORTyv4bo0jy7bmbUzkuvcBYC47l2x7wLSH0JPRy8c7hdlmhvLTKPcAaf4QcI:drVvkuveY3SHSPR2bEFTQOAQcI

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  1f4f130ab23f6abe1dfc7a64889ffbf6ac71a0140027ae22ce06e9a6b40dc238
- Size
  
  324KB
- MD5
  
  5d0502ab67a59c3769df355bcef42a10
- SHA1
  
  d0bf66dc0a7ac811dffe6bb9a12819711b68afbc
- SHA256
  
  1f4f130ab23f6abe1dfc7a64889ffbf6ac71a0140027ae22ce06e9a6b40dc238
- SHA512
  
  88301108e4560f80f2d6a153fd935c60b2e731c42ad12ee6db8b203045f889523647002c2e6fb6a8b3bd3efbbd669e5e0fb6b0dfce52b69c2fa6bb5701c33b2b
- SSDEEP
  
  6144:drORTyv4bo0jy7bmbUzkuvcBYC47l2x7wLSH0JPRy8c7hdlmhvLTKPcAaf4QcI:drVvkuveY3SHSPR2bEFTQOAQcI
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2