01bf585b1c0188eb92e2c63e96983ba5ba41ef84bfc6d5169fd48590886774f4 | Triage

Sharing

General

Target

01bf585b1c0188eb92e2c63e96983ba5ba41ef84bfc6d5169fd48590886774f4
Size

313KB
Sample

221123-ksj8bach7v
MD5

bc66aac8b2d36240ed37c66006647518
SHA1

916add639576cf1628a30c624350201b59795f0b
SHA256

01bf585b1c0188eb92e2c63e96983ba5ba41ef84bfc6d5169fd48590886774f4
SHA512

9d8643f4f3ae9c6de32068670d4f6027ae259a7c836a5d5661699a2624fb59c8e15aa57732f0eddf5247af563b5f93a003343bbcbd4bc6cb8bcd935378c69550
SSDEEP

6144:/rb9uEo2S1YnQmCX492DkwNP3qpYFl2YyPuFITzyccux7rnrOzprCoMR:/rRu6/eIo4t3PuFITKUAC

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  01bf585b1c0188eb92e2c63e96983ba5ba41ef84bfc6d5169fd48590886774f4
- Size
  
  313KB
- MD5
  
  bc66aac8b2d36240ed37c66006647518
- SHA1
  
  916add639576cf1628a30c624350201b59795f0b
- SHA256
  
  01bf585b1c0188eb92e2c63e96983ba5ba41ef84bfc6d5169fd48590886774f4
- SHA512
  
  9d8643f4f3ae9c6de32068670d4f6027ae259a7c836a5d5661699a2624fb59c8e15aa57732f0eddf5247af563b5f93a003343bbcbd4bc6cb8bcd935378c69550
- SSDEEP
  
  6144:/rb9uEo2S1YnQmCX492DkwNP3qpYFl2YyPuFITzyccux7rnrOzprCoMR:/rRu6/eIo4t3PuFITKUAC
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2