36bef84a4a6b4b335269ce256ca73ba888473f6bc63989c339416c4ff274d520 | Triage

Sharing

General

Target

36bef84a4a6b4b335269ce256ca73ba888473f6bc63989c339416c4ff274d520
Size

327KB
Sample

221029-nmyqasegem
MD5

c439b5b042fb491df36bd3f6353dfdad
SHA1

edbbe92f4bc6b582005a54a3da8e7043cc7c5f12
SHA256

36bef84a4a6b4b335269ce256ca73ba888473f6bc63989c339416c4ff274d520
SHA512

575ce63c05efc54191f25a08d23bbc277962e4f7cac27759cd6c31aa62fba53e50a1d2c8101e47313c5b8fbed3b25a721a8908d8a3cd87385d4cebd6a730d11b
SSDEEP

6144:Rr469uEo2S1YnQmCX492DkwNP3qpYFGgjwuBGVdLAt4ZHd2i3gjd+ZD/6Fo:Rr4iu6/eIo4Rsw33AtsmQp

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  36bef84a4a6b4b335269ce256ca73ba888473f6bc63989c339416c4ff274d520
- Size
  
  327KB
- MD5
  
  c439b5b042fb491df36bd3f6353dfdad
- SHA1
  
  edbbe92f4bc6b582005a54a3da8e7043cc7c5f12
- SHA256
  
  36bef84a4a6b4b335269ce256ca73ba888473f6bc63989c339416c4ff274d520
- SHA512
  
  575ce63c05efc54191f25a08d23bbc277962e4f7cac27759cd6c31aa62fba53e50a1d2c8101e47313c5b8fbed3b25a721a8908d8a3cd87385d4cebd6a730d11b
- SSDEEP
  
  6144:Rr469uEo2S1YnQmCX492DkwNP3qpYFGgjwuBGVdLAt4ZHd2i3gjd+ZD/6Fo:Rr4iu6/eIo4Rsw33AtsmQp
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2