ddb0b5406e87715ceca280cb365040feceb2c35438f5ed9b284ba14189281356 | Triage

Sharing

General

Target

ddb0b5406e87715ceca280cb365040feceb2c35438f5ed9b284ba14189281356
Size

332KB
Sample

221123-h43spaeh63
MD5

2ae6c7a9fc748ca8235fb9d8b2f81744
SHA1

87018d09ff5cc104675c94439605018eb394459b
SHA256

ddb0b5406e87715ceca280cb365040feceb2c35438f5ed9b284ba14189281356
SHA512

f88b3be34c4a11d327f0253ecac142e85d6d9cc69a668068a067ea26a692cb9e1790433ffd76ac7888c54f30250d8fff99617ce753f280a088a5c35bc80632c8
SSDEEP

6144:Yrwl9uEo2S1YnQmCX492DkwNP3qpYFzlLUdbJ9ZTFJfr5KqimKJjBWeGeNOOFkio:YrKu6/eIo4w4z/F99KjmqtYr3

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  ddb0b5406e87715ceca280cb365040feceb2c35438f5ed9b284ba14189281356
- Size
  
  332KB
- MD5
  
  2ae6c7a9fc748ca8235fb9d8b2f81744
- SHA1
  
  87018d09ff5cc104675c94439605018eb394459b
- SHA256
  
  ddb0b5406e87715ceca280cb365040feceb2c35438f5ed9b284ba14189281356
- SHA512
  
  f88b3be34c4a11d327f0253ecac142e85d6d9cc69a668068a067ea26a692cb9e1790433ffd76ac7888c54f30250d8fff99617ce753f280a088a5c35bc80632c8
- SSDEEP
  
  6144:Yrwl9uEo2S1YnQmCX492DkwNP3qpYFzlLUdbJ9ZTFJfr5KqimKJjBWeGeNOOFkio:YrKu6/eIo4w4z/F99KjmqtYr3
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2