bcfcfd399d4daeeba168963065b958ddbc980be7944499a05afe7186f5e73417 | Triage

Sharing

General

Target

bcfcfd399d4daeeba168963065b958ddbc980be7944499a05afe7186f5e73417
Size

304KB
Sample

221125-zk1mnagh7t
MD5

c4e0f11719309721f5b4a8d2b6dec403
SHA1

a45cfe8a71872c52544891e523a26b08261bcd02
SHA256

bcfcfd399d4daeeba168963065b958ddbc980be7944499a05afe7186f5e73417
SHA512

04954f913329f7a5043b97bbc43ae2eda70bb62e6422ac2ec92079f5e440fae32cad4d008e51a916ebba59dd93d0c1ba3f42960699a7e24287c57b3865ab2283
SSDEEP

6144:NrkW9uEo2S1YnQmCX492DkwNP3qpYF4AqqWb+qR9h+uqkNfoM6YV5TmNa1a3SyPH:Nrkuu6/eIo4tQW62T+uTwM6YVxm24H

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  bcfcfd399d4daeeba168963065b958ddbc980be7944499a05afe7186f5e73417
- Size
  
  304KB
- MD5
  
  c4e0f11719309721f5b4a8d2b6dec403
- SHA1
  
  a45cfe8a71872c52544891e523a26b08261bcd02
- SHA256
  
  bcfcfd399d4daeeba168963065b958ddbc980be7944499a05afe7186f5e73417
- SHA512
  
  04954f913329f7a5043b97bbc43ae2eda70bb62e6422ac2ec92079f5e440fae32cad4d008e51a916ebba59dd93d0c1ba3f42960699a7e24287c57b3865ab2283
- SSDEEP
  
  6144:NrkW9uEo2S1YnQmCX492DkwNP3qpYF4AqqWb+qR9h+uqkNfoM6YV5TmNa1a3SyPH:Nrkuu6/eIo4tQW62T+uTwM6YVxm24H
Score

7^/10

discovery
- Loads dropped DLL
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2