bf0ff8d9ab6e153b9271a7e70627dd933565e6e681f7baf94166940cf3c78265 | Triage

Sharing

General

Target

bf0ff8d9ab6e153b9271a7e70627dd933565e6e681f7baf94166940cf3c78265
Size

314KB
Sample

221123-jjlt4sff24
MD5

9484a53f19250c7e815b3eb9b61e9d9d
SHA1

ee0e12f309b04e6031d407387de6919746af60d6
SHA256

bf0ff8d9ab6e153b9271a7e70627dd933565e6e681f7baf94166940cf3c78265
SHA512

555ddcbf091ac4b7541722f235dabb590840a42412c9d79710f71f2f8d28bd244422534472d9f37bf908816ee36bf60ec05d16288418778fabe09d8530324be5
SSDEEP

6144:fr4bUzkuvcBYC47l2x9bpAJiqS1JDoU0/JleWvJ6AbJbkvIxBu4Ti3iQ3:fr9kuveY3ImYZ15oU0/HtbJbkgXJGyQ3

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  bf0ff8d9ab6e153b9271a7e70627dd933565e6e681f7baf94166940cf3c78265
- Size
  
  314KB
- MD5
  
  9484a53f19250c7e815b3eb9b61e9d9d
- SHA1
  
  ee0e12f309b04e6031d407387de6919746af60d6
- SHA256
  
  bf0ff8d9ab6e153b9271a7e70627dd933565e6e681f7baf94166940cf3c78265
- SHA512
  
  555ddcbf091ac4b7541722f235dabb590840a42412c9d79710f71f2f8d28bd244422534472d9f37bf908816ee36bf60ec05d16288418778fabe09d8530324be5
- SSDEEP
  
  6144:fr4bUzkuvcBYC47l2x9bpAJiqS1JDoU0/JleWvJ6AbJbkvIxBu4Ti3iQ3:fr9kuveY3ImYZ15oU0/HtbJbkgXJGyQ3
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2