a9cf5c63dafb9188c7c0243298230a39cfcf6187a40a0ec9476dabb152c3a2e9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a9cf5c63dafb9188c7c0243298230a39cfcf6187a40a0ec9476dabb152c3a2e9
Size

51KB
Sample

221201-yj3vysee57
MD5

eb7a341654de3d869dddae07e13a611c
SHA1

c0bb0876d0e45920d4ce67d7dfeade78a7c027ab
SHA256

a9cf5c63dafb9188c7c0243298230a39cfcf6187a40a0ec9476dabb152c3a2e9
SHA512

dae92cd17ece3bb404d8f75d53208233ae70b46b8d5b862d0b14f3d2b823c7d0074bc7e9f8a788f4299217046447cf5246b16d1b2bc3e0f5e2db8da504d3e0a7
SSDEEP

768:4wPFlrtboXIdvn0bsOM+cjsGw7Ug8nwCK61GAz1EjrfFtj3ck4zo2JtEuATOUed:4DIdTJ++sGwtyw01Pzk+zonuVZ

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  a9cf5c63dafb9188c7c0243298230a39cfcf6187a40a0ec9476dabb152c3a2e9
- Size
  
  51KB
- MD5
  
  eb7a341654de3d869dddae07e13a611c
- SHA1
  
  c0bb0876d0e45920d4ce67d7dfeade78a7c027ab
- SHA256
  
  a9cf5c63dafb9188c7c0243298230a39cfcf6187a40a0ec9476dabb152c3a2e9
- SHA512
  
  dae92cd17ece3bb404d8f75d53208233ae70b46b8d5b862d0b14f3d2b823c7d0074bc7e9f8a788f4299217046447cf5246b16d1b2bc3e0f5e2db8da504d3e0a7
- SSDEEP
  
  768:4wPFlrtboXIdvn0bsOM+cjsGw7Ug8nwCK61GAz1EjrfFtj3ck4zo2JtEuATOUed:4DIdTJ++sGwtyw01Pzk+zonuVZ
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2