fa6854154a8c097a8dd0d89bd7d89b523371b49a3b5190c7e6f2222b1cc7a3e6 | Triage

Sharing

General

Target

fa6854154a8c097a8dd0d89bd7d89b523371b49a3b5190c7e6f2222b1cc7a3e6
Size

313KB
Sample

221123-hq4stsec55
MD5

bdf9aae5eae1d97cea6e3659fc5cc088
SHA1

8cb017e6fed4fe30e1b2dc4afa0f7db080f265c6
SHA256

fa6854154a8c097a8dd0d89bd7d89b523371b49a3b5190c7e6f2222b1cc7a3e6
SHA512

fc7d6db6a705cce025e7d258cfa0b5f7434021ddf08e92c1ef0ba81c64985df185635915710058d45ecb44d7ddb5679af5f63b7d9524ffb5b7c884b40b67a392
SSDEEP

6144:HrK9uEo2S1YnQmCX492DkwNP3qpYFtcM7dZssr+Ixf6LuDTKD2ay9KGYG0LB:Hryu6/eIo4vMResyEf0uP9d9UG0B

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  fa6854154a8c097a8dd0d89bd7d89b523371b49a3b5190c7e6f2222b1cc7a3e6
- Size
  
  313KB
- MD5
  
  bdf9aae5eae1d97cea6e3659fc5cc088
- SHA1
  
  8cb017e6fed4fe30e1b2dc4afa0f7db080f265c6
- SHA256
  
  fa6854154a8c097a8dd0d89bd7d89b523371b49a3b5190c7e6f2222b1cc7a3e6
- SHA512
  
  fc7d6db6a705cce025e7d258cfa0b5f7434021ddf08e92c1ef0ba81c64985df185635915710058d45ecb44d7ddb5679af5f63b7d9524ffb5b7c884b40b67a392
- SSDEEP
  
  6144:HrK9uEo2S1YnQmCX492DkwNP3qpYFtcM7dZssr+Ixf6LuDTKD2ay9KGYG0LB:Hryu6/eIo4vMResyEf0uP9d9UG0B
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2