2fbe8c1bddc41e89717ac4011326ae0875c7a7b73cd2a7090ab33d56bfcb58f4 | Triage

Sharing

General

Target

2fbe8c1bddc41e89717ac4011326ae0875c7a7b73cd2a7090ab33d56bfcb58f4
Size

327KB
Sample

221123-khwtcsce4y
MD5

fefbc8facee80a6751d42ed0c1836eaa
SHA1

30fcbc12a5199133f2b722eced8d00992729eee9
SHA256

2fbe8c1bddc41e89717ac4011326ae0875c7a7b73cd2a7090ab33d56bfcb58f4
SHA512

ed63160898608608ab20feb884aa3acdd2afd401ae033c42288270ed1f3d0e97f5f3023d0e25c31a48a612ccf1c99ad36b3a0b0db99f820a352ab3bd705c0271
SSDEEP

6144:Jr469uEo2S1YnQmCX492DkwNP3qpYFGgjwuBGVdLAt4ZHd2i3gjd+ZD/6F7:Jr4iu6/eIo4Rsw33AtsmQG

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2fbe8c1bddc41e89717ac4011326ae0875c7a7b73cd2a7090ab33d56bfcb58f4
- Size
  
  327KB
- MD5
  
  fefbc8facee80a6751d42ed0c1836eaa
- SHA1
  
  30fcbc12a5199133f2b722eced8d00992729eee9
- SHA256
  
  2fbe8c1bddc41e89717ac4011326ae0875c7a7b73cd2a7090ab33d56bfcb58f4
- SHA512
  
  ed63160898608608ab20feb884aa3acdd2afd401ae033c42288270ed1f3d0e97f5f3023d0e25c31a48a612ccf1c99ad36b3a0b0db99f820a352ab3bd705c0271
- SSDEEP
  
  6144:Jr469uEo2S1YnQmCX492DkwNP3qpYFGgjwuBGVdLAt4ZHd2i3gjd+ZD/6F7:Jr4iu6/eIo4Rsw33AtsmQG
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2