e95d7d986e49332b887663d5bef1d478ac2ecee01ec426730a792e2c7fc7419b | Triage

Sharing

General

Target

e95d7d986e49332b887663d5bef1d478ac2ecee01ec426730a792e2c7fc7419b
Size

33KB
Sample

221203-nt4vwsfh46
MD5

164e526800e4a6351deb8d8c80927c4c
SHA1

98b1e6fe4a89896859053e9c39f98cb0206bcf94
SHA256

e95d7d986e49332b887663d5bef1d478ac2ecee01ec426730a792e2c7fc7419b
SHA512

30764380800f40821612297d165fdc178f72cf1663e980fc81afe6351644286cde7eb36cc8887a171a0cf96ad66c19f7a594c05f80a471fc9b4515f95eb6d3aa
SSDEEP

384:TuH+6ah2T6YDUCCR0FaJgffmFdJwYDcRw45H0rikLKY:Tk+5AVD7BaJgWFda4cJq

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  e95d7d986e49332b887663d5bef1d478ac2ecee01ec426730a792e2c7fc7419b
- Size
  
  33KB
- MD5
  
  164e526800e4a6351deb8d8c80927c4c
- SHA1
  
  98b1e6fe4a89896859053e9c39f98cb0206bcf94
- SHA256
  
  e95d7d986e49332b887663d5bef1d478ac2ecee01ec426730a792e2c7fc7419b
- SHA512
  
  30764380800f40821612297d165fdc178f72cf1663e980fc81afe6351644286cde7eb36cc8887a171a0cf96ad66c19f7a594c05f80a471fc9b4515f95eb6d3aa
- SSDEEP
  
  384:TuH+6ah2T6YDUCCR0FaJgffmFdJwYDcRw45H0rikLKY:Tk+5AVD7BaJgWFda4cJq
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2