9334c0e624ab8b68a9dcbdf2c37dd2f3c2546df89e7158024e633c428aa804ac | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9334c0e624ab8b68a9dcbdf2c37dd2f3c2546df89e7158024e633c428aa804ac
Size

43KB
Sample

221129-fx8n9ace8v
MD5

65085c88b831fe565c7d74c080578dd8
SHA1

2485eac38653b8ebca72b21fcf8829b00e00c0ba
SHA256

9334c0e624ab8b68a9dcbdf2c37dd2f3c2546df89e7158024e633c428aa804ac
SHA512

a6a359fb6998afb990fb93031ce36f635e63cbb284ac0e691811fced3c9f48c2efcc424cf1ce339940b96352d01f62c93d9aef8f0859c7f8e7c6bf4b4c6aae65
SSDEEP

768:yS+e6auoy+PMCc1O5v+55mxdtnE7RpFbyn5LZPRDsj6/4COo:+aTIO5UatERbg5pRDi6gC

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  9334c0e624ab8b68a9dcbdf2c37dd2f3c2546df89e7158024e633c428aa804ac
- Size
  
  43KB
- MD5
  
  65085c88b831fe565c7d74c080578dd8
- SHA1
  
  2485eac38653b8ebca72b21fcf8829b00e00c0ba
- SHA256
  
  9334c0e624ab8b68a9dcbdf2c37dd2f3c2546df89e7158024e633c428aa804ac
- SHA512
  
  a6a359fb6998afb990fb93031ce36f635e63cbb284ac0e691811fced3c9f48c2efcc424cf1ce339940b96352d01f62c93d9aef8f0859c7f8e7c6bf4b4c6aae65
- SSDEEP
  
  768:yS+e6auoy+PMCc1O5v+55mxdtnE7RpFbyn5LZPRDsj6/4COo:+aTIO5UatERbg5pRDi6gC
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2