1733b95161dd045b8baebaebc3b145a992db287dad4ff1dd6aab66dc03a3fa11 | Triage

Sharing

General

Target

1733b95161dd045b8baebaebc3b145a992db287dad4ff1dd6aab66dc03a3fa11
Size

412KB
Sample

221124-aferyshe7z
MD5

55fd2d489b1012389b0e94d547b0ffbe
SHA1

d9d683bf532ca778ffc8649875bf024158b7d0f0
SHA256

1733b95161dd045b8baebaebc3b145a992db287dad4ff1dd6aab66dc03a3fa11
SHA512

ab9a1c715841c7987a7f0dcf505114e36513efd158db7e0344e37f2de982be4aba5e47e79a3d4c573e2dc4b27c3b31f048ef21e0b71ac9473e9ec8ddded15c2c
SSDEEP

6144:8fncJE/wEHc4aDDv3WuqljyPLghLznF1:m0owOSGZyPLEF1

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  1733b95161dd045b8baebaebc3b145a992db287dad4ff1dd6aab66dc03a3fa11
- Size
  
  412KB
- MD5
  
  55fd2d489b1012389b0e94d547b0ffbe
- SHA1
  
  d9d683bf532ca778ffc8649875bf024158b7d0f0
- SHA256
  
  1733b95161dd045b8baebaebc3b145a992db287dad4ff1dd6aab66dc03a3fa11
- SHA512
  
  ab9a1c715841c7987a7f0dcf505114e36513efd158db7e0344e37f2de982be4aba5e47e79a3d4c573e2dc4b27c3b31f048ef21e0b71ac9473e9ec8ddded15c2c
- SSDEEP
  
  6144:8fncJE/wEHc4aDDv3WuqljyPLghLznF1:m0owOSGZyPLEF1
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2