f4ca81580d63d8d1c0473c301b68baa357d65fc2dfb0c249d738a4a2ddcdd191 | Triage

Sharing

General

Target

f4ca81580d63d8d1c0473c301b68baa357d65fc2dfb0c249d738a4a2ddcdd191
Size

314KB
Sample

221123-htazxsed45
MD5

79f96a5f7fa3022126c945c35df89e28
SHA1

4b22a95796f3516947b7e3789143eb624107af80
SHA256

f4ca81580d63d8d1c0473c301b68baa357d65fc2dfb0c249d738a4a2ddcdd191
SHA512

cc97115d55acdaebb30a228639e20920e58249ac6b98383a56be5a4761d9c4bb2e08331aca4b529f226dc020ee0d44ba4fda60e03a9083d30fa3bcd4a70c2a56
SSDEEP

6144:QrAbUzkuvcBYC47l2xn88NEymFTYO67qzVxzRRw5:Qr1kuveY35YO67Wxz7w5

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  f4ca81580d63d8d1c0473c301b68baa357d65fc2dfb0c249d738a4a2ddcdd191
- Size
  
  314KB
- MD5
  
  79f96a5f7fa3022126c945c35df89e28
- SHA1
  
  4b22a95796f3516947b7e3789143eb624107af80
- SHA256
  
  f4ca81580d63d8d1c0473c301b68baa357d65fc2dfb0c249d738a4a2ddcdd191
- SHA512
  
  cc97115d55acdaebb30a228639e20920e58249ac6b98383a56be5a4761d9c4bb2e08331aca4b529f226dc020ee0d44ba4fda60e03a9083d30fa3bcd4a70c2a56
- SSDEEP
  
  6144:QrAbUzkuvcBYC47l2xn88NEymFTYO67qzVxzRRw5:Qr1kuveY35YO67Wxz7w5
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2