e1cc74bba98d99a4b25eeee3ef4db4279c05f5cac5199cd8e7e1208880a89e7a | Triage

Sharing

General

Target

e1cc74bba98d99a4b25eeee3ef4db4279c05f5cac5199cd8e7e1208880a89e7a
Size

10KB
Sample

221123-s4fy2ada39
MD5

6105f3b3402b0efbb10200d18fba0990
SHA1

50a164fab4a7304dbebab02146612375367b8234
SHA256

e1cc74bba98d99a4b25eeee3ef4db4279c05f5cac5199cd8e7e1208880a89e7a
SHA512

4b47a123ea40dbe2c86a1a85407a3598f20bd832ec9257a75531031650374fe7f697dd3fc3a37422e24de202c1c033efbebdeb82c4b60422bab5272b49589a9d
SSDEEP

192:nPd08DGJs1wIu+KvrPubCjP9bk8kAnCUd9TIl26JU9GSYg8h:nqE/HKeCjO8eWR6JkUh

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  e1cc74bba98d99a4b25eeee3ef4db4279c05f5cac5199cd8e7e1208880a89e7a
- Size
  
  10KB
- MD5
  
  6105f3b3402b0efbb10200d18fba0990
- SHA1
  
  50a164fab4a7304dbebab02146612375367b8234
- SHA256
  
  e1cc74bba98d99a4b25eeee3ef4db4279c05f5cac5199cd8e7e1208880a89e7a
- SHA512
  
  4b47a123ea40dbe2c86a1a85407a3598f20bd832ec9257a75531031650374fe7f697dd3fc3a37422e24de202c1c033efbebdeb82c4b60422bab5272b49589a9d
- SSDEEP
  
  192:nPd08DGJs1wIu+KvrPubCjP9bk8kAnCUd9TIl26JU9GSYg8h:nqE/HKeCjO8eWR6JkUh
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2