c1873e267394a3eadf1e9cbb668c97a4b25bf16ed38aba862220396b89b61633 | Triage

Sharing

General

Target

c1873e267394a3eadf1e9cbb668c97a4b25bf16ed38aba862220396b89b61633
Size

304KB
Sample

221123-kwpbfahf89
MD5

03380d229ab9b0abf3e1cd49b16c4390
SHA1

9c04e6b5b4d66e2f2ea7d5b3a7e0bb8162362401
SHA256

c1873e267394a3eadf1e9cbb668c97a4b25bf16ed38aba862220396b89b61633
SHA512

70957c5ddb8c152c4db9396c5e3a99767c883b617a270b058c8025fa848a3fdfcb741bc046f6bf9a5355b4fc53b97c5762d7dfacb69f38d797c4a311d5357ca8
SSDEEP

6144:trkW9uEo2S1YnQmCX492DkwNP3qpYF4AqqWb+qR9h+uqkNfoM6YV5TmNa1a3SyPF:trkuu6/eIo4tQW62T+uTwM6YVxm24F

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  c1873e267394a3eadf1e9cbb668c97a4b25bf16ed38aba862220396b89b61633
- Size
  
  304KB
- MD5
  
  03380d229ab9b0abf3e1cd49b16c4390
- SHA1
  
  9c04e6b5b4d66e2f2ea7d5b3a7e0bb8162362401
- SHA256
  
  c1873e267394a3eadf1e9cbb668c97a4b25bf16ed38aba862220396b89b61633
- SHA512
  
  70957c5ddb8c152c4db9396c5e3a99767c883b617a270b058c8025fa848a3fdfcb741bc046f6bf9a5355b4fc53b97c5762d7dfacb69f38d797c4a311d5357ca8
- SSDEEP
  
  6144:trkW9uEo2S1YnQmCX492DkwNP3qpYF4AqqWb+qR9h+uqkNfoM6YV5TmNa1a3SyPF:trkuu6/eIo4tQW62T+uTwM6YVxm24F
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2