827eb391031b40b8d9caababa177d11ad674c62d540f450adf1ce4875fb645f5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

827eb391031b40b8d9caababa177d11ad674c62d540f450adf1ce4875fb645f5
Size

308KB
Sample

221030-en8gfscdem
MD5

a33f5a370545365f15b7296d5fa18196
SHA1

d6851f58b2db478c52e3994f73897cefd5aaf951
SHA256

827eb391031b40b8d9caababa177d11ad674c62d540f450adf1ce4875fb645f5
SHA512

52c8f9c04b5a7a239dac9f50a1aac2772542f51c3b6ab9978e45f9b1580c78f440db6eede38e112f51846b8d9e840e0a0e8579dd66cd4b05b9f5621f5af1f703
SSDEEP

6144:opmZknq7jsDvszbMR8to/OWXWeNBtTgnZYpK:opFuj8yXtormAyqpK

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  827eb391031b40b8d9caababa177d11ad674c62d540f450adf1ce4875fb645f5
- Size
  
  308KB
- MD5
  
  a33f5a370545365f15b7296d5fa18196
- SHA1
  
  d6851f58b2db478c52e3994f73897cefd5aaf951
- SHA256
  
  827eb391031b40b8d9caababa177d11ad674c62d540f450adf1ce4875fb645f5
- SHA512
  
  52c8f9c04b5a7a239dac9f50a1aac2772542f51c3b6ab9978e45f9b1580c78f440db6eede38e112f51846b8d9e840e0a0e8579dd66cd4b05b9f5621f5af1f703
- SSDEEP
  
  6144:opmZknq7jsDvszbMR8to/OWXWeNBtTgnZYpK:opFuj8yXtormAyqpK
Score

6^/10

discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2