6329877d49c54bb04be7e568fa691a1d12dcb84afb84341d5bca1515111a5e27 | Triage

Sharing

General

Target

6329877d49c54bb04be7e568fa691a1d12dcb84afb84341d5bca1515111a5e27
Size

416KB
Sample

221106-v8z9ksfhaq
MD5

0c46c90cb4fa0ef296fbe30facd29f80
SHA1

9ad72109ad33f0cbafe7d4805006bbdc16828696
SHA256

6329877d49c54bb04be7e568fa691a1d12dcb84afb84341d5bca1515111a5e27
SHA512

2e1a96413b99d325ffce32e6cbe0878b5bccf2cde92226cb76adfab719a7f593bd6080735799906097d9872140bc44a1fcc88470c5c17e672a2c6ac2b1349d02
SSDEEP

12288:rF4TmFeD3h/N1jpZNi9R+swevu2/9iwF4tW7ZE:x4WANtN8d4M

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  6329877d49c54bb04be7e568fa691a1d12dcb84afb84341d5bca1515111a5e27
- Size
  
  416KB
- MD5
  
  0c46c90cb4fa0ef296fbe30facd29f80
- SHA1
  
  9ad72109ad33f0cbafe7d4805006bbdc16828696
- SHA256
  
  6329877d49c54bb04be7e568fa691a1d12dcb84afb84341d5bca1515111a5e27
- SHA512
  
  2e1a96413b99d325ffce32e6cbe0878b5bccf2cde92226cb76adfab719a7f593bd6080735799906097d9872140bc44a1fcc88470c5c17e672a2c6ac2b1349d02
- SSDEEP
  
  12288:rF4TmFeD3h/N1jpZNi9R+swevu2/9iwF4tW7ZE:x4WANtN8d4M
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2