25ca4699d549368a7db983bdde0867a3bdb5490d223d6ea5780d1b16c32818c8 | Triage

Sharing

General

Target

25ca4699d549368a7db983bdde0867a3bdb5490d223d6ea5780d1b16c32818c8
Size

325KB
Sample

221124-ehnj4aag9y
MD5

b7f7b304b8b46eb7f29a5d0de18cc30d
SHA1

f39c32573d4b7fbccc6d56ee9202b5e0e860cac7
SHA256

25ca4699d549368a7db983bdde0867a3bdb5490d223d6ea5780d1b16c32818c8
SHA512

b60b409eb16e52af382fd4bd5c9bd924857ae849e924bc6ffafd1b884425b0aed8501005c7282f2304bb6ee8973298f698b4e0555fe317f4c7605d43493835ae
SSDEEP

6144:8r1Bh9uEo2S1YnQmCX492DkwNP3qpYFDcYgQUskKWeFCEQOiCYOqmO5oX:8r1B3u6/eIo4ArVUBQCCYOqmO5oX

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  25ca4699d549368a7db983bdde0867a3bdb5490d223d6ea5780d1b16c32818c8
- Size
  
  325KB
- MD5
  
  b7f7b304b8b46eb7f29a5d0de18cc30d
- SHA1
  
  f39c32573d4b7fbccc6d56ee9202b5e0e860cac7
- SHA256
  
  25ca4699d549368a7db983bdde0867a3bdb5490d223d6ea5780d1b16c32818c8
- SHA512
  
  b60b409eb16e52af382fd4bd5c9bd924857ae849e924bc6ffafd1b884425b0aed8501005c7282f2304bb6ee8973298f698b4e0555fe317f4c7605d43493835ae
- SSDEEP
  
  6144:8r1Bh9uEo2S1YnQmCX492DkwNP3qpYFDcYgQUskKWeFCEQOiCYOqmO5oX:8r1B3u6/eIo4ArVUBQCCYOqmO5oX
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2