f54af8a0870f1b7b520397c1e34f15a62eb733e6b0cdefe42eea175fa9fc6581 | Triage

Sharing

General

Target

f54af8a0870f1b7b520397c1e34f15a62eb733e6b0cdefe42eea175fa9fc6581
Size

488KB
Sample

221107-11rv5abga2
MD5

0f7cc9653df0c3be4dc36e99b7477000
SHA1

81842fefc3b1d53d11a023886278d8a766b2557c
SHA256

f54af8a0870f1b7b520397c1e34f15a62eb733e6b0cdefe42eea175fa9fc6581
SHA512

c37d51d51fad31c4421b351b041cb526bad549d7108b4b3b7dddbfecad880958330c126021474666c6364fdfff224cf6465a0a608d13c67ff9ecfa72aeb23905
SSDEEP

12288:3lHIeD3h/N1jpZNi9R+swevu2XVgwZCeUTM4n:KANtN81UwO

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  f54af8a0870f1b7b520397c1e34f15a62eb733e6b0cdefe42eea175fa9fc6581
- Size
  
  488KB
- MD5
  
  0f7cc9653df0c3be4dc36e99b7477000
- SHA1
  
  81842fefc3b1d53d11a023886278d8a766b2557c
- SHA256
  
  f54af8a0870f1b7b520397c1e34f15a62eb733e6b0cdefe42eea175fa9fc6581
- SHA512
  
  c37d51d51fad31c4421b351b041cb526bad549d7108b4b3b7dddbfecad880958330c126021474666c6364fdfff224cf6465a0a608d13c67ff9ecfa72aeb23905
- SSDEEP
  
  12288:3lHIeD3h/N1jpZNi9R+swevu2XVgwZCeUTM4n:KANtN81UwO
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2