977532ea473e6110ec0bcdd4f839b78ec20234a1c833d190a974fae8bd994b94 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

977532ea473e6110ec0bcdd4f839b78ec20234a1c833d190a974fae8bd994b94
Size

39KB
Sample

221029-17442aabcl
MD5

848668148618acd15460d14011614280
SHA1

66179402beae71fd102cda96caa229c8a588099b
SHA256

977532ea473e6110ec0bcdd4f839b78ec20234a1c833d190a974fae8bd994b94
SHA512

8e8c0de39d4f1f50646bf703de665b2636d366aae36c77b8d425c51602212573ba13eafc515aa7318723aaf852269b1807dbe8e5c70a67d8b24988d75ef746ed
SSDEEP

768:ohE72QZ9+SihDlvRLYB/M08vW0/3HRfLhw:+E72QP5sJLYB/M08+0fRflw

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  977532ea473e6110ec0bcdd4f839b78ec20234a1c833d190a974fae8bd994b94
- Size
  
  39KB
- MD5
  
  848668148618acd15460d14011614280
- SHA1
  
  66179402beae71fd102cda96caa229c8a588099b
- SHA256
  
  977532ea473e6110ec0bcdd4f839b78ec20234a1c833d190a974fae8bd994b94
- SHA512
  
  8e8c0de39d4f1f50646bf703de665b2636d366aae36c77b8d425c51602212573ba13eafc515aa7318723aaf852269b1807dbe8e5c70a67d8b24988d75ef746ed
- SSDEEP
  
  768:ohE72QZ9+SihDlvRLYB/M08vW0/3HRfLhw:+E72QP5sJLYB/M08+0fRflw
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2