cf4e341bc65092f4150aae376c13c7855b34a3dc96dd6f783cda12b18d6320b6 | Triage

Sharing

General

Target

cf4e341bc65092f4150aae376c13c7855b34a3dc96dd6f783cda12b18d6320b6
Size

316KB
Sample

221127-k2nbbshh9s
MD5

d0a0f5ab02bb35d6f0f17dc696dd01c2
SHA1

9b81aee0d0811ef9ec6e6049e821ff93b590147c
SHA256

cf4e341bc65092f4150aae376c13c7855b34a3dc96dd6f783cda12b18d6320b6
SHA512

b6b0c97bfe89b0603802cd92ff93e070bfaff0cf86e7fd4809c0511e7cd597f5f414662e380cdbc7fb9ef5ce2b61e8be40a6570874fa0bf3d6b9a7e794f903e8
SSDEEP

6144:pr9bUzkuvcBYC47l2xA0CLzrfn5Agvirxi/NRFBDArI:pr+kuveY3hdLzrfn5A1KtBj

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  cf4e341bc65092f4150aae376c13c7855b34a3dc96dd6f783cda12b18d6320b6
- Size
  
  316KB
- MD5
  
  d0a0f5ab02bb35d6f0f17dc696dd01c2
- SHA1
  
  9b81aee0d0811ef9ec6e6049e821ff93b590147c
- SHA256
  
  cf4e341bc65092f4150aae376c13c7855b34a3dc96dd6f783cda12b18d6320b6
- SHA512
  
  b6b0c97bfe89b0603802cd92ff93e070bfaff0cf86e7fd4809c0511e7cd597f5f414662e380cdbc7fb9ef5ce2b61e8be40a6570874fa0bf3d6b9a7e794f903e8
- SSDEEP
  
  6144:pr9bUzkuvcBYC47l2xA0CLzrfn5Agvirxi/NRFBDArI:pr+kuveY3hdLzrfn5A1KtBj
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2