11df7fa81ccfc043922da132767925699d3669085ec393bb6c8f86a046c47e52 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11df7fa81ccfc043922da132767925699d3669085ec393bb6c8f86a046c47e52
Size

326KB
Sample

221127-kaly7afh9w
MD5

c3b3737649fd1e846342550170924d5e
SHA1

83bc5d08196b29bcee455794c9d964a31808e291
SHA256

11df7fa81ccfc043922da132767925699d3669085ec393bb6c8f86a046c47e52
SHA512

9635176cafd2d4f76070eb22cee0d628ed4f7f3825ab124e61a0c65a50f57d956dea5714224d3157704597397c9ed85350be7b076cd93b02e9ba1b0e5f3b0802
SSDEEP

6144:2r469uEo2S1YnQmCX492DkwNP3qpYFhVq5fRr7kW2hjCmPLSysJma+:2r4iu6/eIo44O0W2UY2yy+

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  11df7fa81ccfc043922da132767925699d3669085ec393bb6c8f86a046c47e52
- Size
  
  326KB
- MD5
  
  c3b3737649fd1e846342550170924d5e
- SHA1
  
  83bc5d08196b29bcee455794c9d964a31808e291
- SHA256
  
  11df7fa81ccfc043922da132767925699d3669085ec393bb6c8f86a046c47e52
- SHA512
  
  9635176cafd2d4f76070eb22cee0d628ed4f7f3825ab124e61a0c65a50f57d956dea5714224d3157704597397c9ed85350be7b076cd93b02e9ba1b0e5f3b0802
- SSDEEP
  
  6144:2r469uEo2S1YnQmCX492DkwNP3qpYFhVq5fRr7kW2hjCmPLSysJma+:2r4iu6/eIo44O0W2UY2yy+
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2