69ed0d5e842d67ee8fece64cab0cfc5b11a99e4f7495d10e1474b3ea97d4db07 | Triage

Sharing

General

Target

69ed0d5e842d67ee8fece64cab0cfc5b11a99e4f7495d10e1474b3ea97d4db07
Size

11KB
Sample

221030-p3lw4sccdk
MD5

a29d60373cec8b04ab8c3b1b58594f60
SHA1

377a0a5be200b85eb8dcb1538fa537943ecee239
SHA256

69ed0d5e842d67ee8fece64cab0cfc5b11a99e4f7495d10e1474b3ea97d4db07
SHA512

80f9eb33dbec03dd1f6b98565bea4835fc6aa9fde4236bb7935e63ea0983b9a231ca574bc2b7a8407bbef44766b51aa15aaa52939451238f0f596653d69b6560
SSDEEP

192:gdVGl1EKCTHQb6TnM26/V4mY7V8QQf5Lylrmc3ZbKwXxmISNBr8jHQG:gTnH8262mCd2koJwXkID

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  69ed0d5e842d67ee8fece64cab0cfc5b11a99e4f7495d10e1474b3ea97d4db07
- Size
  
  11KB
- MD5
  
  a29d60373cec8b04ab8c3b1b58594f60
- SHA1
  
  377a0a5be200b85eb8dcb1538fa537943ecee239
- SHA256
  
  69ed0d5e842d67ee8fece64cab0cfc5b11a99e4f7495d10e1474b3ea97d4db07
- SHA512
  
  80f9eb33dbec03dd1f6b98565bea4835fc6aa9fde4236bb7935e63ea0983b9a231ca574bc2b7a8407bbef44766b51aa15aaa52939451238f0f596653d69b6560
- SSDEEP
  
  192:gdVGl1EKCTHQb6TnM26/V4mY7V8QQf5Lylrmc3ZbKwXxmISNBr8jHQG:gTnH8262mCd2koJwXkID
Score

8^/10

discovery persistence
- Adds policy Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence