066b913c144499e82ec4940f69e0c9808ec67bcf1286444bd1a354574d5fe0d8 | Triage

Sharing

General

Target

066b913c144499e82ec4940f69e0c9808ec67bcf1286444bd1a354574d5fe0d8
Size

6.7MB
Sample

221125-n27lraaa5x
MD5

fa8b4a926c4a92d9c7030754507a3b43
SHA1

9dd10cf6d3f62ca0c5442098d7384638745865f7
SHA256

066b913c144499e82ec4940f69e0c9808ec67bcf1286444bd1a354574d5fe0d8
SHA512

6eff68adbdbc2a2ebceb1d13471864f29b4a57e7475e171e44f516e772b9ffc44d55813ac624f9331dbbf5a0d1847c3fda6557ac48224528fdd05b706f35975c
SSDEEP

196608:zowzVD6ParFwZnAVkPHPtblKA+qTIlNrTuxm:zbGaRAPHK7Nra

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  066b913c144499e82ec4940f69e0c9808ec67bcf1286444bd1a354574d5fe0d8
- Size
  
  6.7MB
- MD5
  
  fa8b4a926c4a92d9c7030754507a3b43
- SHA1
  
  9dd10cf6d3f62ca0c5442098d7384638745865f7
- SHA256
  
  066b913c144499e82ec4940f69e0c9808ec67bcf1286444bd1a354574d5fe0d8
- SHA512
  
  6eff68adbdbc2a2ebceb1d13471864f29b4a57e7475e171e44f516e772b9ffc44d55813ac624f9331dbbf5a0d1847c3fda6557ac48224528fdd05b706f35975c
- SSDEEP
  
  196608:zowzVD6ParFwZnAVkPHPtblKA+qTIlNrTuxm:zbGaRAPHK7Nra
Score

8^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2