fa21642af7d41f5faef120d702fd17e31a91fff03006a92ee4378c86eb014287 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa21642af7d41f5faef120d702fd17e31a91fff03006a92ee4378c86eb014287
Size

27KB
Sample

221203-m1cvbagg3w
MD5

fe100510c2756b347d9ba836aad05c40
SHA1

0e53acc9a2e14446e0bb43653a393be3e8ef61b3
SHA256

fa21642af7d41f5faef120d702fd17e31a91fff03006a92ee4378c86eb014287
SHA512

4d863000e810b336268e1ca1441f4901b7c1aed47ccecb44394ae784f235b61f40cafb396739503e9c99dff6b0b334894fc1865a22a21bb4156179084e446892
SSDEEP

384:MwxDJFzm0Rv6+T5ObxoP3yGJTyDhfAvUH2vwXVOUZyh/:fH1rRi+TSiP3hJTyDhfcUHyOx4

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  fa21642af7d41f5faef120d702fd17e31a91fff03006a92ee4378c86eb014287
- Size
  
  27KB
- MD5
  
  fe100510c2756b347d9ba836aad05c40
- SHA1
  
  0e53acc9a2e14446e0bb43653a393be3e8ef61b3
- SHA256
  
  fa21642af7d41f5faef120d702fd17e31a91fff03006a92ee4378c86eb014287
- SHA512
  
  4d863000e810b336268e1ca1441f4901b7c1aed47ccecb44394ae784f235b61f40cafb396739503e9c99dff6b0b334894fc1865a22a21bb4156179084e446892
- SSDEEP
  
  384:MwxDJFzm0Rv6+T5ObxoP3yGJTyDhfAvUH2vwXVOUZyh/:fH1rRi+TSiP3hJTyDhfcUHyOx4
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2