4214b9a8edd013c912cc0bdfbc190d42a9d4af24b639089b0b5959be7a5a4fcd | Triage

Sharing

General

Target

4214b9a8edd013c912cc0bdfbc190d42a9d4af24b639089b0b5959be7a5a4fcd
Size

325KB
Sample

221124-eexctsaf31
MD5

e7082ccac0ff10c4b67317fc5526789d
SHA1

eeb7937631946491dce786cb280f4648229a8c59
SHA256

4214b9a8edd013c912cc0bdfbc190d42a9d4af24b639089b0b5959be7a5a4fcd
SHA512

156993b154c66766e6aa4026b79079be8bd8239cb4274ff4f9a71ab92dd98460828cf350d0733548c637a7281dcdd864cbf7c04e67ea7131c7967c5849aab055
SSDEEP

6144:Mr1Bh9uEo2S1YnQmCX492DkwNP3qpYFDcYgQUskKWeFCEQOiCYOqmO5oB:Mr1B3u6/eIo4ArVUBQCCYOqmO5oB

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  4214b9a8edd013c912cc0bdfbc190d42a9d4af24b639089b0b5959be7a5a4fcd
- Size
  
  325KB
- MD5
  
  e7082ccac0ff10c4b67317fc5526789d
- SHA1
  
  eeb7937631946491dce786cb280f4648229a8c59
- SHA256
  
  4214b9a8edd013c912cc0bdfbc190d42a9d4af24b639089b0b5959be7a5a4fcd
- SHA512
  
  156993b154c66766e6aa4026b79079be8bd8239cb4274ff4f9a71ab92dd98460828cf350d0733548c637a7281dcdd864cbf7c04e67ea7131c7967c5849aab055
- SSDEEP
  
  6144:Mr1Bh9uEo2S1YnQmCX492DkwNP3qpYFDcYgQUskKWeFCEQOiCYOqmO5oB:Mr1B3u6/eIo4ArVUBQCCYOqmO5oB
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2