28503e3fb6fc40f25477eeffefff4006b1d8ac89411aa3bc80537fab856e9350 | Triage

Sharing

General

Target

28503e3fb6fc40f25477eeffefff4006b1d8ac89411aa3bc80537fab856e9350
Size

27KB
Sample

221202-ar39paae4v
MD5

0f7d2fd096fb748ff8cdf55f10b93429
SHA1

5f349f2aa6c8eac92baba3140a228462a5e0adc5
SHA256

28503e3fb6fc40f25477eeffefff4006b1d8ac89411aa3bc80537fab856e9350
SHA512

01e4101a216c6b82f24741d4b6e818cb3ef30698314f7c7fd43ede05bc4d9865c4b4e95a3a1cf6673a4bdc5bd381d4cb4c851e20919eeae78a3940c365e5720b
SSDEEP

768:kuaS3WeUNZ45zF6Mxchrde5Jg7jycacVUc:k2WeAsQMxIrOJWjecVU

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  28503e3fb6fc40f25477eeffefff4006b1d8ac89411aa3bc80537fab856e9350
- Size
  
  27KB
- MD5
  
  0f7d2fd096fb748ff8cdf55f10b93429
- SHA1
  
  5f349f2aa6c8eac92baba3140a228462a5e0adc5
- SHA256
  
  28503e3fb6fc40f25477eeffefff4006b1d8ac89411aa3bc80537fab856e9350
- SHA512
  
  01e4101a216c6b82f24741d4b6e818cb3ef30698314f7c7fd43ede05bc4d9865c4b4e95a3a1cf6673a4bdc5bd381d4cb4c851e20919eeae78a3940c365e5720b
- SSDEEP
  
  768:kuaS3WeUNZ45zF6Mxchrde5Jg7jycacVUc:k2WeAsQMxIrOJWjecVU
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2