4b236312efc0c1c766483aa9ff326b1b5b95eb90a72f2d952c2470b2f1bcc113 | Triage

Sharing

General

Target

4b236312efc0c1c766483aa9ff326b1b5b95eb90a72f2d952c2470b2f1bcc113
Size

323KB
Sample

221124-eefebafd52
MD5

c32ab8488828b96c12cc8c0356bf5928
SHA1

034abdea7b4f3f3b999e68158a471915307ad91c
SHA256

4b236312efc0c1c766483aa9ff326b1b5b95eb90a72f2d952c2470b2f1bcc113
SHA512

e549864ae5d54be6eed87c496440db08766863ff575fcdf42eea658d3a1436686ce1369beea551069cb72cd3ce69f57b604bbae2a94b61703ca5689b4cbde76f
SSDEEP

6144:4rV99uEo2S1YnQmCX492DkwNP3qpYFXTqttBv2tHlzLkFyhFOY4vHSMrOe:4rVDu6/eIo4YOtEyc55Ml

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  4b236312efc0c1c766483aa9ff326b1b5b95eb90a72f2d952c2470b2f1bcc113
- Size
  
  323KB
- MD5
  
  c32ab8488828b96c12cc8c0356bf5928
- SHA1
  
  034abdea7b4f3f3b999e68158a471915307ad91c
- SHA256
  
  4b236312efc0c1c766483aa9ff326b1b5b95eb90a72f2d952c2470b2f1bcc113
- SHA512
  
  e549864ae5d54be6eed87c496440db08766863ff575fcdf42eea658d3a1436686ce1369beea551069cb72cd3ce69f57b604bbae2a94b61703ca5689b4cbde76f
- SSDEEP
  
  6144:4rV99uEo2S1YnQmCX492DkwNP3qpYFXTqttBv2tHlzLkFyhFOY4vHSMrOe:4rVDu6/eIo4YOtEyc55Ml
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2