dd6ed56287cd25d770aa1de2976a31b2d1065b18b661a0986ab6af4289230a09 | Triage

Sharing

General

Target

dd6ed56287cd25d770aa1de2976a31b2d1065b18b661a0986ab6af4289230a09
Size

120KB
Sample

221125-s3g5psbh9s
MD5

6cb93379756e78187196bfaff65cbb50
SHA1

fab8576c9c70f753a32a565ebee60b10d2dac5b8
SHA256

dd6ed56287cd25d770aa1de2976a31b2d1065b18b661a0986ab6af4289230a09
SHA512

32e887a34f64a649a6587b4813378de6a4ef58f7bb9d737f39dc8f53beebdafd65c8f5b0e64ab53c0418124024fa98ea8d309eb47fd8690c85227c32bf0a4543
SSDEEP

3072:IvG7ySV7c2lCECtUeExLBwdJddCJHZlPD4Fx50BNrr5vR:IUc2xQSxydJzCJ5JcGrdR

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  dd6ed56287cd25d770aa1de2976a31b2d1065b18b661a0986ab6af4289230a09
- Size
  
  120KB
- MD5
  
  6cb93379756e78187196bfaff65cbb50
- SHA1
  
  fab8576c9c70f753a32a565ebee60b10d2dac5b8
- SHA256
  
  dd6ed56287cd25d770aa1de2976a31b2d1065b18b661a0986ab6af4289230a09
- SHA512
  
  32e887a34f64a649a6587b4813378de6a4ef58f7bb9d737f39dc8f53beebdafd65c8f5b0e64ab53c0418124024fa98ea8d309eb47fd8690c85227c32bf0a4543
- SSDEEP
  
  3072:IvG7ySV7c2lCECtUeExLBwdJddCJHZlPD4Fx50BNrr5vR:IUc2xQSxydJzCJ5JcGrdR
Score

8^/10

discovery persistence
- Adds policy Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence