d00a91da4bf2e004a25e5064242f2cf9524257457296221a1a0e96c1516ab9e6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d00a91da4bf2e004a25e5064242f2cf9524257457296221a1a0e96c1516ab9e6
Size

33KB
Sample

221203-pvsdxsbb43
MD5

4a9bb89c952f6c219515f4aae923060e
SHA1

7e7cc3f6f92ffee0f57bd043ffc18e561206fa4d
SHA256

d00a91da4bf2e004a25e5064242f2cf9524257457296221a1a0e96c1516ab9e6
SHA512

94770e7c2f8ea3199781e5a7a6995a88b9b0b1a3ba6b477ac04c38c89cb2cc775350126b432bb0ff0fd1a02019fb7c307f6bfd1c6336c0e0ffdd36c2db94e4fb
SSDEEP

384:s1AF6ahsp3fJKEa2/EIa0CPfi/cMuBhm8Aom1l9CQAL:sg5ip3fgEJYPfiEMGM8AnrPAL

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  d00a91da4bf2e004a25e5064242f2cf9524257457296221a1a0e96c1516ab9e6
- Size
  
  33KB
- MD5
  
  4a9bb89c952f6c219515f4aae923060e
- SHA1
  
  7e7cc3f6f92ffee0f57bd043ffc18e561206fa4d
- SHA256
  
  d00a91da4bf2e004a25e5064242f2cf9524257457296221a1a0e96c1516ab9e6
- SHA512
  
  94770e7c2f8ea3199781e5a7a6995a88b9b0b1a3ba6b477ac04c38c89cb2cc775350126b432bb0ff0fd1a02019fb7c307f6bfd1c6336c0e0ffdd36c2db94e4fb
- SSDEEP
  
  384:s1AF6ahsp3fJKEa2/EIa0CPfi/cMuBhm8Aom1l9CQAL:sg5ip3fgEJYPfiEMGM8AnrPAL
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2