e8ab8b9f137612c17877e2c8f0852a16b363d25a0982f864c217667e6c07d31a | Triage

Sharing

General

Target

e8ab8b9f137612c17877e2c8f0852a16b363d25a0982f864c217667e6c07d31a
Size

49KB
Sample

221029-xrl2qsbghk
MD5

8461ced81c596ad8e8e5158c4b001d00
SHA1

09005a9d13212b88f4ae27bc870d5c546060b27f
SHA256

e8ab8b9f137612c17877e2c8f0852a16b363d25a0982f864c217667e6c07d31a
SHA512

e917bb658cea9967b649175cd0a39f9639cf482878a4abe78805c7a9b9a0cb1f7f617b5f5039883c40c258113d5626b9bbbae99cef38cd782d3bcd0735209b21
SSDEEP

768:rjAPMl/TWXMqTvviaqWi2PLt+Oyac/7k:rUPMlCXMqTvv/TtPA

Score

7^/10

Malware Config

Targets

- Target
  
  e8ab8b9f137612c17877e2c8f0852a16b363d25a0982f864c217667e6c07d31a
- Size
  
  49KB
- MD5
  
  8461ced81c596ad8e8e5158c4b001d00
- SHA1
  
  09005a9d13212b88f4ae27bc870d5c546060b27f
- SHA256
  
  e8ab8b9f137612c17877e2c8f0852a16b363d25a0982f864c217667e6c07d31a
- SHA512
  
  e917bb658cea9967b649175cd0a39f9639cf482878a4abe78805c7a9b9a0cb1f7f617b5f5039883c40c258113d5626b9bbbae99cef38cd782d3bcd0735209b21
- SSDEEP
  
  768:rjAPMl/TWXMqTvviaqWi2PLt+Oyac/7k:rUPMlCXMqTvv/TtPA
Score

7^/10
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2