2ff3f280ce9dedcfd659ff47618a331ff6d61aca7ec3d3c97569e632fe80b7d9 | Triage

Sharing

General

Target

2ff3f280ce9dedcfd659ff47618a331ff6d61aca7ec3d3c97569e632fe80b7d9
Size

318KB
Sample

221123-khtzrsce4v
MD5

9fb4daeb61b66811fb055d4bc5f8f285
SHA1

a20d6ff12b9d2b37fdd954bc623b7deb522c4d88
SHA256

2ff3f280ce9dedcfd659ff47618a331ff6d61aca7ec3d3c97569e632fe80b7d9
SHA512

887e2f2bfd93c724b9de0e94b70fe54c514c7f797c63ca76c245ee42ec9a49948f5f5e6c9afc43155145dab44bedff0f23ddaccfd0289899c3c40420ccde6175
SSDEEP

6144:cr5bUzkuvcBYC47l2xGUIWhDcFHgO4nIcsKY3SLiT:crqkuveY3EdDcNgtIrKY3iw

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2ff3f280ce9dedcfd659ff47618a331ff6d61aca7ec3d3c97569e632fe80b7d9
- Size
  
  318KB
- MD5
  
  9fb4daeb61b66811fb055d4bc5f8f285
- SHA1
  
  a20d6ff12b9d2b37fdd954bc623b7deb522c4d88
- SHA256
  
  2ff3f280ce9dedcfd659ff47618a331ff6d61aca7ec3d3c97569e632fe80b7d9
- SHA512
  
  887e2f2bfd93c724b9de0e94b70fe54c514c7f797c63ca76c245ee42ec9a49948f5f5e6c9afc43155145dab44bedff0f23ddaccfd0289899c3c40420ccde6175
- SSDEEP
  
  6144:cr5bUzkuvcBYC47l2xGUIWhDcFHgO4nIcsKY3SLiT:crqkuveY3EdDcNgtIrKY3iw
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2