b611e61acf59d5c69741d5e43ae53c7a19c8f078370a00f2c1802f567bb639c5 | Triage

Sharing

General

Target

b611e61acf59d5c69741d5e43ae53c7a19c8f078370a00f2c1802f567bb639c5
Size

33KB
Sample

221201-xpppvaed51
MD5

2540eafe8bba6e9410b069483676a851
SHA1

66c8a4b70d41954a2796708028ed56b8f26b7e72
SHA256

b611e61acf59d5c69741d5e43ae53c7a19c8f078370a00f2c1802f567bb639c5
SHA512

391617f1695d564f2aac9220fa184d2cc519e50b290272d88216e80e84e281f554e2053f858de94a91b445c547a1ba85e4f55baa421195cc0d41dc3d99f56dc5
SSDEEP

384:euH+6ahC6YDUCCR0FaJgffmFdJwYDcRw45H0rikLKY:ek+5AD7BaJgWFda4cJq

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  b611e61acf59d5c69741d5e43ae53c7a19c8f078370a00f2c1802f567bb639c5
- Size
  
  33KB
- MD5
  
  2540eafe8bba6e9410b069483676a851
- SHA1
  
  66c8a4b70d41954a2796708028ed56b8f26b7e72
- SHA256
  
  b611e61acf59d5c69741d5e43ae53c7a19c8f078370a00f2c1802f567bb639c5
- SHA512
  
  391617f1695d564f2aac9220fa184d2cc519e50b290272d88216e80e84e281f554e2053f858de94a91b445c547a1ba85e4f55baa421195cc0d41dc3d99f56dc5
- SSDEEP
  
  384:euH+6ahC6YDUCCR0FaJgffmFdJwYDcRw45H0rikLKY:ek+5AD7BaJgWFda4cJq
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2