d36e56095791765f16bfd128486d076ba894b9c2d66e26b6d8546b783b7d83e3 | Triage

Sharing

General

Target

d36e56095791765f16bfd128486d076ba894b9c2d66e26b6d8546b783b7d83e3
Size

327KB
Sample

221123-h9hdyafb44
MD5

be9e9d2b31cbcc4e6fa0cc93f958b160
SHA1

1ad695c882ddeb704b87c6a6ca8b126056262e7d
SHA256

d36e56095791765f16bfd128486d076ba894b9c2d66e26b6d8546b783b7d83e3
SHA512

a7370e71882cedc4ec14dc5c66781306d97bdb28818e673eaaa7e28d59e0f0e92056e81e21283ffb17c80edc25a871ba33fd99677e8f3422c6b661428fa5ea98
SSDEEP

6144:xr469uEo2S1YnQmCX492DkwNP3qpYFGgjwuBGVdLAt4ZHd2i3gjd+ZD/6F1:xr4iu6/eIo4Rsw33AtsmQ4

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  d36e56095791765f16bfd128486d076ba894b9c2d66e26b6d8546b783b7d83e3
- Size
  
  327KB
- MD5
  
  be9e9d2b31cbcc4e6fa0cc93f958b160
- SHA1
  
  1ad695c882ddeb704b87c6a6ca8b126056262e7d
- SHA256
  
  d36e56095791765f16bfd128486d076ba894b9c2d66e26b6d8546b783b7d83e3
- SHA512
  
  a7370e71882cedc4ec14dc5c66781306d97bdb28818e673eaaa7e28d59e0f0e92056e81e21283ffb17c80edc25a871ba33fd99677e8f3422c6b661428fa5ea98
- SSDEEP
  
  6144:xr469uEo2S1YnQmCX492DkwNP3qpYFGgjwuBGVdLAt4ZHd2i3gjd+ZD/6F1:xr4iu6/eIo4Rsw33AtsmQ4
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2