c961f50766211aa1a86a547fdc7198173f74a23b2fd7a70685b73d5e8159e754 | Triage

Sharing

General

Target

c961f50766211aa1a86a547fdc7198173f74a23b2fd7a70685b73d5e8159e754
Size

316KB
Sample

221127-pf8glafg53
MD5

f529deb33139101611ea02b95e5910bc
SHA1

3b53910b05aa72491f528b056b94e7ca3917b596
SHA256

c961f50766211aa1a86a547fdc7198173f74a23b2fd7a70685b73d5e8159e754
SHA512

0df161f16001561c2c2eec200142bbb87114f91f85ab7a6e798adadfec2ea75ae66dbe1df2cc1db2d21c1d21a130a8566de9a7d7d76f8a01781f5f7975f41061
SSDEEP

6144:+r9bUzkuvcBYC47l2xjWM4ZZU4An9U+WTASrS:+r+kuveY3mWZW4An9U7TASrS

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  c961f50766211aa1a86a547fdc7198173f74a23b2fd7a70685b73d5e8159e754
- Size
  
  316KB
- MD5
  
  f529deb33139101611ea02b95e5910bc
- SHA1
  
  3b53910b05aa72491f528b056b94e7ca3917b596
- SHA256
  
  c961f50766211aa1a86a547fdc7198173f74a23b2fd7a70685b73d5e8159e754
- SHA512
  
  0df161f16001561c2c2eec200142bbb87114f91f85ab7a6e798adadfec2ea75ae66dbe1df2cc1db2d21c1d21a130a8566de9a7d7d76f8a01781f5f7975f41061
- SSDEEP
  
  6144:+r9bUzkuvcBYC47l2xjWM4ZZU4An9U+WTASrS:+r+kuveY3mWZW4An9U7TASrS
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2