b35158f44686b27ff3f40b47172e9fe0ba1aa9ec0ae7b80aeaa93f467e3f8cd2 | Triage

Sharing

General

Target

b35158f44686b27ff3f40b47172e9fe0ba1aa9ec0ae7b80aeaa93f467e3f8cd2
Size

327KB
Sample

221123-jpwaqsfh32
MD5

f2b6725e451dd96f80367a2d59a29aae
SHA1

70794da54b3803ae14b134414188de4f48a0f4c5
SHA256

b35158f44686b27ff3f40b47172e9fe0ba1aa9ec0ae7b80aeaa93f467e3f8cd2
SHA512

bfe0311448596c495d7980297649622d4c00679847d5b9d6a7a86d14bd5f831ed95019ae17039dd2654ac6935a0034ce6ddf4be1bf05eebbc72884c5b7f948b0
SSDEEP

6144:xr469uEo2S1YnQmCX492DkwNP3qpYFGgjwuBGVdLAt4ZHd2i3gjd+ZD/6F6:xr4iu6/eIo4Rsw33AtsmQL

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  b35158f44686b27ff3f40b47172e9fe0ba1aa9ec0ae7b80aeaa93f467e3f8cd2
- Size
  
  327KB
- MD5
  
  f2b6725e451dd96f80367a2d59a29aae
- SHA1
  
  70794da54b3803ae14b134414188de4f48a0f4c5
- SHA256
  
  b35158f44686b27ff3f40b47172e9fe0ba1aa9ec0ae7b80aeaa93f467e3f8cd2
- SHA512
  
  bfe0311448596c495d7980297649622d4c00679847d5b9d6a7a86d14bd5f831ed95019ae17039dd2654ac6935a0034ce6ddf4be1bf05eebbc72884c5b7f948b0
- SSDEEP
  
  6144:xr469uEo2S1YnQmCX492DkwNP3qpYFGgjwuBGVdLAt4ZHd2i3gjd+ZD/6F6:xr4iu6/eIo4Rsw33AtsmQL
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2