36c9fedc27164a44c266d638588240be365d5a1ce9f984e3ba30e58fa8e06f5f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36c9fedc27164a44c266d638588240be365d5a1ce9f984e3ba30e58fa8e06f5f
Size

327KB
Sample

221127-t8fz9scd54
MD5

bfef0f76f9bf519e6effca7f53b79dba
SHA1

9dcdd59bb3e1f0658c3056703b8f7c03c122b9ae
SHA256

36c9fedc27164a44c266d638588240be365d5a1ce9f984e3ba30e58fa8e06f5f
SHA512

f08949a5bf6f66f24498934a4de2deaa6f092d4ac76a957b95f17caf22fc9869dc605a3428dafc012c3f7374c7ad53224712e54294e0e0fed9b3d5470b7c915f
SSDEEP

6144:ErVbUzkuvcBYC47l2xt81bM31jFryMm/+3pZasr0AtbgTtCybrNMcm:ErGkuveY38aExzr3pZh0d8EJ9m

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  36c9fedc27164a44c266d638588240be365d5a1ce9f984e3ba30e58fa8e06f5f
- Size
  
  327KB
- MD5
  
  bfef0f76f9bf519e6effca7f53b79dba
- SHA1
  
  9dcdd59bb3e1f0658c3056703b8f7c03c122b9ae
- SHA256
  
  36c9fedc27164a44c266d638588240be365d5a1ce9f984e3ba30e58fa8e06f5f
- SHA512
  
  f08949a5bf6f66f24498934a4de2deaa6f092d4ac76a957b95f17caf22fc9869dc605a3428dafc012c3f7374c7ad53224712e54294e0e0fed9b3d5470b7c915f
- SSDEEP
  
  6144:ErVbUzkuvcBYC47l2xt81bM31jFryMm/+3pZasr0AtbgTtCybrNMcm:ErGkuveY38aExzr3pZh0d8EJ9m
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2