f85725e4b6de4d32f88f2120218e78e4179cbfa14af2ec1db2d3e45787c023d5 | Triage

Sharing

General

Target

f85725e4b6de4d32f88f2120218e78e4179cbfa14af2ec1db2d3e45787c023d5
Size

304KB
Sample

221123-ks31eshe85
MD5

dba21b6ae13dc473fec57c8107ee6746
SHA1

6c491b1301d407b6d425d0eb05f067da37213226
SHA256

f85725e4b6de4d32f88f2120218e78e4179cbfa14af2ec1db2d3e45787c023d5
SHA512

48994675f3922daacd9ab444eb6402c2d231e70edf05c9297adf345679f3ba8bc63bdd4aaff72c977ac1b35900a79da1a03ae7b3031e01fd0db6530f2410324b
SSDEEP

6144:NrkW9uEo2S1YnQmCX492DkwNP3qpYF4AqqWb+qR9h+uqkNfoM6YV5TmNa1a3SyPY:Nrkuu6/eIo4tQW62T+uTwM6YVxm24Y

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  f85725e4b6de4d32f88f2120218e78e4179cbfa14af2ec1db2d3e45787c023d5
- Size
  
  304KB
- MD5
  
  dba21b6ae13dc473fec57c8107ee6746
- SHA1
  
  6c491b1301d407b6d425d0eb05f067da37213226
- SHA256
  
  f85725e4b6de4d32f88f2120218e78e4179cbfa14af2ec1db2d3e45787c023d5
- SHA512
  
  48994675f3922daacd9ab444eb6402c2d231e70edf05c9297adf345679f3ba8bc63bdd4aaff72c977ac1b35900a79da1a03ae7b3031e01fd0db6530f2410324b
- SSDEEP
  
  6144:NrkW9uEo2S1YnQmCX492DkwNP3qpYF4AqqWb+qR9h+uqkNfoM6YV5TmNa1a3SyPY:Nrkuu6/eIo4tQW62T+uTwM6YVxm24Y
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2