d28a519cbd96cf8b1113a5365e1ac9b7036ea25898c9557f39433ccfed5bb44f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d28a519cbd96cf8b1113a5365e1ac9b7036ea25898c9557f39433ccfed5bb44f
Size

319KB
Sample

221029-acm9xscgh7
MD5

0f4b0a9a5a4c6593fd2ace0be839dec0
SHA1

318bb7c24ec12e3a08f55bb2020604ceae597b39
SHA256

d28a519cbd96cf8b1113a5365e1ac9b7036ea25898c9557f39433ccfed5bb44f
SHA512

bb5cad975c1d39ee424521b82a285867be57374717d0fbfc6ab0325251c4013b7801046025050c80e3fa2db25873b12932441a860ec34f4b466c64fa22b62bb6
SSDEEP

3072:XW6G9E7gc4XfXsVJz5t1e4RzoK51qie7M2L48wX0ceu44NOo19lWNNs9SIDQUq3/:nG9arNaL2qiehL48wX0ceu4K+sbnq

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  d28a519cbd96cf8b1113a5365e1ac9b7036ea25898c9557f39433ccfed5bb44f
- Size
  
  319KB
- MD5
  
  0f4b0a9a5a4c6593fd2ace0be839dec0
- SHA1
  
  318bb7c24ec12e3a08f55bb2020604ceae597b39
- SHA256
  
  d28a519cbd96cf8b1113a5365e1ac9b7036ea25898c9557f39433ccfed5bb44f
- SHA512
  
  bb5cad975c1d39ee424521b82a285867be57374717d0fbfc6ab0325251c4013b7801046025050c80e3fa2db25873b12932441a860ec34f4b466c64fa22b62bb6
- SSDEEP
  
  3072:XW6G9E7gc4XfXsVJz5t1e4RzoK51qie7M2L48wX0ceu44NOo19lWNNs9SIDQUq3/:nG9arNaL2qiehL48wX0ceu4K+sbnq
Score

7^/10

discovery
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2