491a85b370321bcbf3367a2dc2c31ae12a59deb0018f1ef6906345f6434f4560 | Triage

Sharing

General

Target

491a85b370321bcbf3367a2dc2c31ae12a59deb0018f1ef6906345f6434f4560
Size

304KB
Sample

221123-kzew6sdb81
MD5

d9db5c1c2e61373f60daa4f82b816dad
SHA1

e32961eb11e66bd03ec30e2fabd32d75b4d2e3fb
SHA256

491a85b370321bcbf3367a2dc2c31ae12a59deb0018f1ef6906345f6434f4560
SHA512

ca0493cceca060a16f2544f5aaac2d61e9425f58d23cc21f5ce0f05c8030d3123fbe5028219f32de7f6171615edb391109dac85dec237d4dd43070d56e13baac
SSDEEP

6144:3rkx9uEo2S1YnQmCX492DkwNP3qpYFkXdlP5IO5/OoCVHuy6SHZ86riVZkiizP:3rkHu6/eIo4RXdrIO5/OpVHd6Ky6riza

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  491a85b370321bcbf3367a2dc2c31ae12a59deb0018f1ef6906345f6434f4560
- Size
  
  304KB
- MD5
  
  d9db5c1c2e61373f60daa4f82b816dad
- SHA1
  
  e32961eb11e66bd03ec30e2fabd32d75b4d2e3fb
- SHA256
  
  491a85b370321bcbf3367a2dc2c31ae12a59deb0018f1ef6906345f6434f4560
- SHA512
  
  ca0493cceca060a16f2544f5aaac2d61e9425f58d23cc21f5ce0f05c8030d3123fbe5028219f32de7f6171615edb391109dac85dec237d4dd43070d56e13baac
- SSDEEP
  
  6144:3rkx9uEo2S1YnQmCX492DkwNP3qpYFkXdlP5IO5/OoCVHuy6SHZ86riVZkiizP:3rkHu6/eIo4RXdrIO5/OpVHd6Ky6riza
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2