4a1ad85e2764b8ef02bc3b61fa289b500d828c4f6a0c64a79ccd11ead9936b0e | Triage

Sharing

General

Target

4a1ad85e2764b8ef02bc3b61fa289b500d828c4f6a0c64a79ccd11ead9936b0e
Size

327KB
Sample

221123-kdmpwscc61
MD5

e9b1e3fa98e8151666f1575d249efe57
SHA1

6e596997e704a21c6a28c4e0666147aeab6e034c
SHA256

4a1ad85e2764b8ef02bc3b61fa289b500d828c4f6a0c64a79ccd11ead9936b0e
SHA512

1b7fc7d13ff6950a8d7bf84e23e86a93d7794e7edf54f2e6068dc67736721e57b1405edfa24a0ed4cf5637783a5d40a82660c21fa98162df6b1882fd69a69814
SSDEEP

6144:5r469uEo2S1YnQmCX492DkwNP3qpYFGgjwuBGVdLAt4ZHd2i3gjd+ZD/6FN5:5r4iu6/eIo4Rsw33AtsmQU5

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  4a1ad85e2764b8ef02bc3b61fa289b500d828c4f6a0c64a79ccd11ead9936b0e
- Size
  
  327KB
- MD5
  
  e9b1e3fa98e8151666f1575d249efe57
- SHA1
  
  6e596997e704a21c6a28c4e0666147aeab6e034c
- SHA256
  
  4a1ad85e2764b8ef02bc3b61fa289b500d828c4f6a0c64a79ccd11ead9936b0e
- SHA512
  
  1b7fc7d13ff6950a8d7bf84e23e86a93d7794e7edf54f2e6068dc67736721e57b1405edfa24a0ed4cf5637783a5d40a82660c21fa98162df6b1882fd69a69814
- SSDEEP
  
  6144:5r469uEo2S1YnQmCX492DkwNP3qpYFGgjwuBGVdLAt4ZHd2i3gjd+ZD/6FN5:5r4iu6/eIo4Rsw33AtsmQU5
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2