d9eacf21be48f7299e97f4538b9cc20d87c1ac97cba96c507e2f9d15283136e5 | Triage

Sharing

General

Target

d9eacf21be48f7299e97f4538b9cc20d87c1ac97cba96c507e2f9d15283136e5
Size

327KB
Sample

221123-h6r4zafa36
MD5

2ca07afc093692eeab823d063e7d66ad
SHA1

6a3b3dd104f560f0b9add167a17284688fb05f46
SHA256

d9eacf21be48f7299e97f4538b9cc20d87c1ac97cba96c507e2f9d15283136e5
SHA512

4faca53703d7f3a6bbf5e7b93131b48fbb53ebc4ebbba09e10fa1bffc36bf9376500f2f65598995c465f2012bd2d82fcae37ab7534231c42e46d016f6f8b157f
SSDEEP

6144:pr469uEo2S1YnQmCX492DkwNP3qpYFGgjwuBGVdLAt4ZHd2i3gjd+ZD/6Fl:pr4iu6/eIo4Rsw33AtsmQY

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  d9eacf21be48f7299e97f4538b9cc20d87c1ac97cba96c507e2f9d15283136e5
- Size
  
  327KB
- MD5
  
  2ca07afc093692eeab823d063e7d66ad
- SHA1
  
  6a3b3dd104f560f0b9add167a17284688fb05f46
- SHA256
  
  d9eacf21be48f7299e97f4538b9cc20d87c1ac97cba96c507e2f9d15283136e5
- SHA512
  
  4faca53703d7f3a6bbf5e7b93131b48fbb53ebc4ebbba09e10fa1bffc36bf9376500f2f65598995c465f2012bd2d82fcae37ab7534231c42e46d016f6f8b157f
- SSDEEP
  
  6144:pr469uEo2S1YnQmCX492DkwNP3qpYFGgjwuBGVdLAt4ZHd2i3gjd+ZD/6Fl:pr4iu6/eIo4Rsw33AtsmQY
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2