0496c2e397dc2ae08c0839b035f7fb087dc4c90253fed1a2f6f1c862efb47e03 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0496c2e397dc2ae08c0839b035f7fb087dc4c90253fed1a2f6f1c862efb47e03
Size

314KB
Sample

221029-yd5glaccd3
MD5

84cad17c323a03dd2a4921e9893aeab0
SHA1

4109109fd2fb904678b0643930db9d0508b1a756
SHA256

0496c2e397dc2ae08c0839b035f7fb087dc4c90253fed1a2f6f1c862efb47e03
SHA512

278772b64ef1872eb7b51353620f07a02c3b3ab0b2c2f0d87d5aade7aad2744a662b2d5d7c2882ac5c4f79ff3f3e8ff0b6bf2b81517e3d38c24e521b42d11fac
SSDEEP

6144:treyVm/vbUzkuvcBYC47l2x1SVkJlzhrx7iY+1t8sBf4+sO6Xd5y5x9j:trzVm/kkuveY3MGWzlx7DMS7dG9j

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  0496c2e397dc2ae08c0839b035f7fb087dc4c90253fed1a2f6f1c862efb47e03
- Size
  
  314KB
- MD5
  
  84cad17c323a03dd2a4921e9893aeab0
- SHA1
  
  4109109fd2fb904678b0643930db9d0508b1a756
- SHA256
  
  0496c2e397dc2ae08c0839b035f7fb087dc4c90253fed1a2f6f1c862efb47e03
- SHA512
  
  278772b64ef1872eb7b51353620f07a02c3b3ab0b2c2f0d87d5aade7aad2744a662b2d5d7c2882ac5c4f79ff3f3e8ff0b6bf2b81517e3d38c24e521b42d11fac
- SSDEEP
  
  6144:treyVm/vbUzkuvcBYC47l2x1SVkJlzhrx7iY+1t8sBf4+sO6Xd5y5x9j:trzVm/kkuveY3MGWzlx7DMS7dG9j
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2