ef582ef189fad7874f38fd1c17712b8b273f5a4e4ea6967a87631dccbb83c224 | Triage

Sharing

General

Target

ef582ef189fad7874f38fd1c17712b8b273f5a4e4ea6967a87631dccbb83c224
Size

313KB
Sample

221123-hwrqfsee53
MD5

5fa897c5ddc3a8c7fc833278c82cc0e0
SHA1

28a73afb264b609f8beabe90cbf5216d1050700f
SHA256

ef582ef189fad7874f38fd1c17712b8b273f5a4e4ea6967a87631dccbb83c224
SHA512

839e17e41ec8704a4435037823e67067ecb8abf519c6914ff8ff03c2571e068e44f0c73b5a7846f9c6e6a8550fe4ddcdfc9526571b2f6e19ba053dd95a8b9c03
SSDEEP

6144:5rb9uEo2S1YnQmCX492DkwNP3qpYFl2YyPuFITzyccux7rnrOzprCoME:5rRu6/eIo4t3PuFITKUA/

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  ef582ef189fad7874f38fd1c17712b8b273f5a4e4ea6967a87631dccbb83c224
- Size
  
  313KB
- MD5
  
  5fa897c5ddc3a8c7fc833278c82cc0e0
- SHA1
  
  28a73afb264b609f8beabe90cbf5216d1050700f
- SHA256
  
  ef582ef189fad7874f38fd1c17712b8b273f5a4e4ea6967a87631dccbb83c224
- SHA512
  
  839e17e41ec8704a4435037823e67067ecb8abf519c6914ff8ff03c2571e068e44f0c73b5a7846f9c6e6a8550fe4ddcdfc9526571b2f6e19ba053dd95a8b9c03
- SSDEEP
  
  6144:5rb9uEo2S1YnQmCX492DkwNP3qpYFl2YyPuFITzyccux7rnrOzprCoME:5rRu6/eIo4t3PuFITKUA/
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2