b04df844a9bceb8d4e41b9d71d7fb52eae06fd7f25395e20500300de40d3bde1 | Triage

Sharing

General

Target

b04df844a9bceb8d4e41b9d71d7fb52eae06fd7f25395e20500300de40d3bde1
Size

304KB
Sample

221123-kxfexshg28
MD5

937032cdb9a16a180a3ec5e7f9790db0
SHA1

670c5e88ff8397665784c428c25536f7e065885c
SHA256

b04df844a9bceb8d4e41b9d71d7fb52eae06fd7f25395e20500300de40d3bde1
SHA512

13016267505a9fa812970751f98254e1c027ff0b1ea773a57624ba88240ad6348db221dd82731f2c25ee938c4ee6b45c80abde7ff5ae864b2996ccfbc85e7079
SSDEEP

6144:lrkW9uEo2S1YnQmCX492DkwNP3qpYF4AqqWb+qR9h+uqkNfoM6YV5TmNa1a3SyPb:lrkuu6/eIo4tQW62T+uTwM6YVxm24b

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  b04df844a9bceb8d4e41b9d71d7fb52eae06fd7f25395e20500300de40d3bde1
- Size
  
  304KB
- MD5
  
  937032cdb9a16a180a3ec5e7f9790db0
- SHA1
  
  670c5e88ff8397665784c428c25536f7e065885c
- SHA256
  
  b04df844a9bceb8d4e41b9d71d7fb52eae06fd7f25395e20500300de40d3bde1
- SHA512
  
  13016267505a9fa812970751f98254e1c027ff0b1ea773a57624ba88240ad6348db221dd82731f2c25ee938c4ee6b45c80abde7ff5ae864b2996ccfbc85e7079
- SSDEEP
  
  6144:lrkW9uEo2S1YnQmCX492DkwNP3qpYF4AqqWb+qR9h+uqkNfoM6YV5TmNa1a3SyPb:lrkuu6/eIo4tQW62T+uTwM6YVxm24b
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2