b95afd7573d107527cfadb2dd98c36469e28d0ee65ceef362c3d034e11bbccb1 | Triage

Sharing

General

Target

b95afd7573d107527cfadb2dd98c36469e28d0ee65ceef362c3d034e11bbccb1
Size

224KB
Sample

221123-zz6gfseb88
MD5

2c9e43abb03188f1515fa758b71daf3d
SHA1

b0271512ff89f1f970498e45b9e716d046081d96
SHA256

b95afd7573d107527cfadb2dd98c36469e28d0ee65ceef362c3d034e11bbccb1
SHA512

3c214d79f26ce26e7f3e7d0ad61321851fef33f70cebbb0ebecc6b2e22c037c61ea1dd545a68b4dbe32be60824b4eb97bf979eddd22dab9949ffb1b60a973193
SSDEEP

3072:SQID51D6aq4zJNeSjv0NGzsP8PtaDItNwW1NJB33FBkDxhZN0102QDBe4dgdEsVw:dZYBVP7fZTvov4AjtRfMkmG

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  b95afd7573d107527cfadb2dd98c36469e28d0ee65ceef362c3d034e11bbccb1
- Size
  
  224KB
- MD5
  
  2c9e43abb03188f1515fa758b71daf3d
- SHA1
  
  b0271512ff89f1f970498e45b9e716d046081d96
- SHA256
  
  b95afd7573d107527cfadb2dd98c36469e28d0ee65ceef362c3d034e11bbccb1
- SHA512
  
  3c214d79f26ce26e7f3e7d0ad61321851fef33f70cebbb0ebecc6b2e22c037c61ea1dd545a68b4dbe32be60824b4eb97bf979eddd22dab9949ffb1b60a973193
- SSDEEP
  
  3072:SQID51D6aq4zJNeSjv0NGzsP8PtaDItNwW1NJB33FBkDxhZN0102QDBe4dgdEsVw:dZYBVP7fZTvov4AjtRfMkmG
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2