76b28dad6f47e3109b17b6dbb667010384fe8642ea9974717ab3671ce4bb8348 | Triage

Sharing

General

Target

76b28dad6f47e3109b17b6dbb667010384fe8642ea9974717ab3671ce4bb8348
Size

255KB
Sample

221124-alg49seg28
MD5

35b02c3d82ce19d30260923cf78d489b
SHA1

f7f3fb7c1303eb738299965336ce90c994ac908c
SHA256

76b28dad6f47e3109b17b6dbb667010384fe8642ea9974717ab3671ce4bb8348
SHA512

fb0fa4136d0fd34d3dd507253bacdaf817319615a8a10d2e8e35d1d7256ded87dca171429c423a2294fd2c59b1e94b4a4c3206286c7acf22871bd6d85918b837
SSDEEP

6144:NOMZgBmcudxub3FX8xfS/eqHx8Pa6Bda6C9L1OjmXDmuY1NOHpZEiKrXy8BFnotu:NOIJiJ89SmqHx8Pa6Bda6C9L1Ojmzmuq

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  76b28dad6f47e3109b17b6dbb667010384fe8642ea9974717ab3671ce4bb8348
- Size
  
  255KB
- MD5
  
  35b02c3d82ce19d30260923cf78d489b
- SHA1
  
  f7f3fb7c1303eb738299965336ce90c994ac908c
- SHA256
  
  76b28dad6f47e3109b17b6dbb667010384fe8642ea9974717ab3671ce4bb8348
- SHA512
  
  fb0fa4136d0fd34d3dd507253bacdaf817319615a8a10d2e8e35d1d7256ded87dca171429c423a2294fd2c59b1e94b4a4c3206286c7acf22871bd6d85918b837
- SSDEEP
  
  6144:NOMZgBmcudxub3FX8xfS/eqHx8Pa6Bda6C9L1OjmXDmuY1NOHpZEiKrXy8BFnotu:NOIJiJ89SmqHx8Pa6Bda6C9L1Ojmzmuq
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2