de49c4f789fd0d7685e220f4fc8ca0b0c4bf73f63e82632c6421551fecfdc339 | Triage

Sharing

General

Target

de49c4f789fd0d7685e220f4fc8ca0b0c4bf73f63e82632c6421551fecfdc339
Size

315KB
Sample

221123-h4sygseh54
MD5

a960c60aac02286dff766ab4bf492341
SHA1

6cdcba69aae420dca1479456ea14832e9ac057d7
SHA256

de49c4f789fd0d7685e220f4fc8ca0b0c4bf73f63e82632c6421551fecfdc339
SHA512

64e16f2f1bab595e5854a1085cc93fb12adeb10a7de134a417f594c799f0f5e62725808186bf84ca83aa41c27ad38ac4a770c0a697b1ad5bd161aee009e8a497
SSDEEP

6144:mrYbUzkuvcBYC47l2xa6g4FhwjZd/9d1XKxlo/ecwrHs5k:mrdkuveY36kjZP/XKxlSZAHd

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  de49c4f789fd0d7685e220f4fc8ca0b0c4bf73f63e82632c6421551fecfdc339
- Size
  
  315KB
- MD5
  
  a960c60aac02286dff766ab4bf492341
- SHA1
  
  6cdcba69aae420dca1479456ea14832e9ac057d7
- SHA256
  
  de49c4f789fd0d7685e220f4fc8ca0b0c4bf73f63e82632c6421551fecfdc339
- SHA512
  
  64e16f2f1bab595e5854a1085cc93fb12adeb10a7de134a417f594c799f0f5e62725808186bf84ca83aa41c27ad38ac4a770c0a697b1ad5bd161aee009e8a497
- SSDEEP
  
  6144:mrYbUzkuvcBYC47l2xa6g4FhwjZd/9d1XKxlo/ecwrHs5k:mrdkuveY36kjZP/XKxlSZAHd
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2