218ff4587f608b2a402749989a41b204a556f9428aed3229915a985472b9cdae | Triage

Sharing

General

Target

218ff4587f608b2a402749989a41b204a556f9428aed3229915a985472b9cdae
Size

48KB
Sample

221121-2yfwhsae86
MD5

84ea4c27d6a6b66282137a65ee90f5c5
SHA1

baa0df3b5648393900d75b6116e1e957b1368cfd
SHA256

218ff4587f608b2a402749989a41b204a556f9428aed3229915a985472b9cdae
SHA512

00e9a9ac746b7d56cd065135acc546fcd99c8f9c84f3d28ac3e5a4994f1ac41b1c9bb7a1f48ea87fc735fce8ea44a5f64b6dd08292e196850e4eef08d6313247
SSDEEP

384:/TBTwPBM7hP6CTFovGMsqG81uF4R8l5HT+D9yNvhP6CTFLE:/d629ovhPgFjXzUMNRL

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  218ff4587f608b2a402749989a41b204a556f9428aed3229915a985472b9cdae
- Size
  
  48KB
- MD5
  
  84ea4c27d6a6b66282137a65ee90f5c5
- SHA1
  
  baa0df3b5648393900d75b6116e1e957b1368cfd
- SHA256
  
  218ff4587f608b2a402749989a41b204a556f9428aed3229915a985472b9cdae
- SHA512
  
  00e9a9ac746b7d56cd065135acc546fcd99c8f9c84f3d28ac3e5a4994f1ac41b1c9bb7a1f48ea87fc735fce8ea44a5f64b6dd08292e196850e4eef08d6313247
- SSDEEP
  
  384:/TBTwPBM7hP6CTFovGMsqG81uF4R8l5HT+D9yNvhP6CTFLE:/d629ovhPgFjXzUMNRL
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Replication Through Removable Media

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2