196b2a63ae3eba771094d580c1ba790ee7fb144c6e016c08da5a01202bbbd186 | Triage

Sharing

General

Target

196b2a63ae3eba771094d580c1ba790ee7fb144c6e016c08da5a01202bbbd186
Size

313KB
Sample

221123-knb15scg3y
MD5

9838809eb369760ab017aa8569ab358d
SHA1

2961db1025de70aa482e09f8964a7a709891a3f5
SHA256

196b2a63ae3eba771094d580c1ba790ee7fb144c6e016c08da5a01202bbbd186
SHA512

39b903150ca3907034e2b8fccde52de386d3fae3e7bcc2cf5127fc12f8a898ca60c54763d0f52acf65fbb987bca65155af4dc1de704395376ca0e1f3058f2467
SSDEEP

6144:QrJ9uEo2S1YnQmCX492DkwNP3qpYFQiY0Z56GICaNRCVEumbcF6ov5d889PgLVDS:Qrfu6/eIo4jVW5soVCcQovoO0DJM+Ed

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  196b2a63ae3eba771094d580c1ba790ee7fb144c6e016c08da5a01202bbbd186
- Size
  
  313KB
- MD5
  
  9838809eb369760ab017aa8569ab358d
- SHA1
  
  2961db1025de70aa482e09f8964a7a709891a3f5
- SHA256
  
  196b2a63ae3eba771094d580c1ba790ee7fb144c6e016c08da5a01202bbbd186
- SHA512
  
  39b903150ca3907034e2b8fccde52de386d3fae3e7bcc2cf5127fc12f8a898ca60c54763d0f52acf65fbb987bca65155af4dc1de704395376ca0e1f3058f2467
- SSDEEP
  
  6144:QrJ9uEo2S1YnQmCX492DkwNP3qpYFQiY0Z56GICaNRCVEumbcF6ov5d889PgLVDS:Qrfu6/eIo4jVW5soVCcQovoO0DJM+Ed
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2