cabdd6e97d97f09423a5079d307724c1d1026e41e33784170367e5b804253009 | Triage

Sharing

General

Target

cabdd6e97d97f09423a5079d307724c1d1026e41e33784170367e5b804253009
Size

313KB
Sample

221127-3p4rnagf64
MD5

a9306993c5bbb7cbc752c74789173a87
SHA1

c604f8062152e21009b04051455911e7a475338a
SHA256

cabdd6e97d97f09423a5079d307724c1d1026e41e33784170367e5b804253009
SHA512

aa02e5e6002859f8c15ced72360a646deed74e10644bd3e99842972e4a0c6a6661347f6c7bd6fd961061bc1de2f7585c80a5f82fc822af1ecde4fade36d43e89
SSDEEP

6144:ArkA9uEo2S1YnQmCX492DkwNP3qpYF0lu7tIYxFtApNhiYLE2/5yr3+LijYe:Ark4u6/eIo4nlu7trxFtApfgMyrpjYe

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  cabdd6e97d97f09423a5079d307724c1d1026e41e33784170367e5b804253009
- Size
  
  313KB
- MD5
  
  a9306993c5bbb7cbc752c74789173a87
- SHA1
  
  c604f8062152e21009b04051455911e7a475338a
- SHA256
  
  cabdd6e97d97f09423a5079d307724c1d1026e41e33784170367e5b804253009
- SHA512
  
  aa02e5e6002859f8c15ced72360a646deed74e10644bd3e99842972e4a0c6a6661347f6c7bd6fd961061bc1de2f7585c80a5f82fc822af1ecde4fade36d43e89
- SSDEEP
  
  6144:ArkA9uEo2S1YnQmCX492DkwNP3qpYF0lu7tIYxFtApNhiYLE2/5yr3+LijYe:Ark4u6/eIo4nlu7trxFtApfgMyrpjYe
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2