ddc765f63a9b294bd85cc66084cc685adfea3abb1408391d3e9055e1a39b16c7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ddc765f63a9b294bd85cc66084cc685adfea3abb1408391d3e9055e1a39b16c7
Size

327KB
Sample

221127-zdgafabh6x
MD5

ffc65419337e63241ed18b7d2b627778
SHA1

31eb62bf755c8babb64ae4e1fb3721a7ba8d68ee
SHA256

ddc765f63a9b294bd85cc66084cc685adfea3abb1408391d3e9055e1a39b16c7
SHA512

55aced1472f517f700cc458dbf906c97a472414e3a8d57f195f71598a22455e4f2714659df31961211bb6ca8015c6e1743c45c8915a630fb3ffe7cfbb0a216dd
SSDEEP

6144:Zr469uEo2S1YnQmCX492DkwNP3qpYFGgjwuBGVdLAt4ZHd2i3gjd+ZD/6FT:Zr4iu6/eIo4Rsw33AtsmQa

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  ddc765f63a9b294bd85cc66084cc685adfea3abb1408391d3e9055e1a39b16c7
- Size
  
  327KB
- MD5
  
  ffc65419337e63241ed18b7d2b627778
- SHA1
  
  31eb62bf755c8babb64ae4e1fb3721a7ba8d68ee
- SHA256
  
  ddc765f63a9b294bd85cc66084cc685adfea3abb1408391d3e9055e1a39b16c7
- SHA512
  
  55aced1472f517f700cc458dbf906c97a472414e3a8d57f195f71598a22455e4f2714659df31961211bb6ca8015c6e1743c45c8915a630fb3ffe7cfbb0a216dd
- SSDEEP
  
  6144:Zr469uEo2S1YnQmCX492DkwNP3qpYFGgjwuBGVdLAt4ZHd2i3gjd+ZD/6FT:Zr4iu6/eIo4Rsw33AtsmQa
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2