56118164ece0bb28c368a4d905cdcb8f23037dde5b61fcc1bec9ff6d94f89267 | Triage

Sharing

General

Target

56118164ece0bb28c368a4d905cdcb8f23037dde5b61fcc1bec9ff6d94f89267
Size

314KB
Sample

221124-edscgsfc87
MD5

df531fb8638078d794da4a312474b3df
SHA1

991da9f661e2a0c0b6630bdc91d6eb32363976cb
SHA256

56118164ece0bb28c368a4d905cdcb8f23037dde5b61fcc1bec9ff6d94f89267
SHA512

4c28b7455937cb116cac7ddead28f996797659a0af4119f4e18eb1ccaf63274af01143c175c7f8202a3c2a9f1e65cd3d4db87fd22144c09a55b1b9400ce724d6
SSDEEP

6144:GreyVm/vbUzkuvcBYC47l2x1SVkJlzhrx7iY+1t8sBf4+sO6Xd5y5x9Hw:GrzVm/kkuveY3MGWzlx7DMS7dG9Q

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  56118164ece0bb28c368a4d905cdcb8f23037dde5b61fcc1bec9ff6d94f89267
- Size
  
  314KB
- MD5
  
  df531fb8638078d794da4a312474b3df
- SHA1
  
  991da9f661e2a0c0b6630bdc91d6eb32363976cb
- SHA256
  
  56118164ece0bb28c368a4d905cdcb8f23037dde5b61fcc1bec9ff6d94f89267
- SHA512
  
  4c28b7455937cb116cac7ddead28f996797659a0af4119f4e18eb1ccaf63274af01143c175c7f8202a3c2a9f1e65cd3d4db87fd22144c09a55b1b9400ce724d6
- SSDEEP
  
  6144:GreyVm/vbUzkuvcBYC47l2x1SVkJlzhrx7iY+1t8sBf4+sO6Xd5y5x9Hw:GrzVm/kkuveY3MGWzlx7DMS7dG9Q
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2