16b27bb4da730b864354d95d6af72a76134db76b0918e8988a39bd2f0212436c | Triage

Sharing

General

Target

16b27bb4da730b864354d95d6af72a76134db76b0918e8988a39bd2f0212436c
Size

313KB
Sample

221123-knwesahd29
MD5

e1e06d4cb043ff271c8bd16109ad4074
SHA1

e8ccf1c767075f64360329a73c96400b82e921f5
SHA256

16b27bb4da730b864354d95d6af72a76134db76b0918e8988a39bd2f0212436c
SHA512

d27f3453559818c4b3647143db96f5270c66f86a148371b1eea26a0151e5332c8b61467e3aaddfa70deb5eb197422cbbf3996c822d8cba2bd64173bcfe3c7894
SSDEEP

6144:6rkP9uEo2S1YnQmCX492DkwNP3qpYFpdteedaMtBxOWUevASojincBSE:6rkFu6/eIo4mdt2M/lUevAzicD

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  16b27bb4da730b864354d95d6af72a76134db76b0918e8988a39bd2f0212436c
- Size
  
  313KB
- MD5
  
  e1e06d4cb043ff271c8bd16109ad4074
- SHA1
  
  e8ccf1c767075f64360329a73c96400b82e921f5
- SHA256
  
  16b27bb4da730b864354d95d6af72a76134db76b0918e8988a39bd2f0212436c
- SHA512
  
  d27f3453559818c4b3647143db96f5270c66f86a148371b1eea26a0151e5332c8b61467e3aaddfa70deb5eb197422cbbf3996c822d8cba2bd64173bcfe3c7894
- SSDEEP
  
  6144:6rkP9uEo2S1YnQmCX492DkwNP3qpYFpdteedaMtBxOWUevASojincBSE:6rkFu6/eIo4mdt2M/lUevAzicD
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2