77a3b81065901ced2e9c3034c54d406c162886f1b924575812eeb4d5252aa452 | Triage

Sharing

General

Target

77a3b81065901ced2e9c3034c54d406c162886f1b924575812eeb4d5252aa452
Size

36KB
Sample

221129-jct7xahb49
MD5

a2514e58ec47404bfc3f9f896122bae2
SHA1

8930435904b38fe4f686cb6f938cb15d02874480
SHA256

77a3b81065901ced2e9c3034c54d406c162886f1b924575812eeb4d5252aa452
SHA512

aaa165563a1913e7325501d08603df6cf8e09d62bb1deede84be61d144b8524039ddfd96b61f65ae40783af0c863313734c62bb7684926d32ca51e6ecf90dd2a
SSDEEP

384:KJEKyf3ZE3s4Mphzji0aXIP7Z99JBu5cw:2EPf3fHT97V3Oc

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  77a3b81065901ced2e9c3034c54d406c162886f1b924575812eeb4d5252aa452
- Size
  
  36KB
- MD5
  
  a2514e58ec47404bfc3f9f896122bae2
- SHA1
  
  8930435904b38fe4f686cb6f938cb15d02874480
- SHA256
  
  77a3b81065901ced2e9c3034c54d406c162886f1b924575812eeb4d5252aa452
- SHA512
  
  aaa165563a1913e7325501d08603df6cf8e09d62bb1deede84be61d144b8524039ddfd96b61f65ae40783af0c863313734c62bb7684926d32ca51e6ecf90dd2a
- SSDEEP
  
  384:KJEKyf3ZE3s4Mphzji0aXIP7Z99JBu5cw:2EPf3fHT97V3Oc
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2