c7dda1929349fdee6bdfd864902fe08ba112de40f51ec8e931382cd2c6c9505b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c7dda1929349fdee6bdfd864902fe08ba112de40f51ec8e931382cd2c6c9505b
Size

27KB
Sample

221203-qmg4nadd83
MD5

4cb33e31a550d318d10fd12dc2be3794
SHA1

783b7bcac089a2a0011156ba26a05054c2a2c66d
SHA256

c7dda1929349fdee6bdfd864902fe08ba112de40f51ec8e931382cd2c6c9505b
SHA512

9394b6ac1477e3e2e1c66a4aca8a0fa6cb22ab255d00bb34471fae5b91bb27c416e258cef174ba69740ef03f8ff3a559f8bcc737d19b06877179fc47f2a53b94
SSDEEP

384:yjUgamio6zYKRyK3nfbdR+bm1OkNLBN2WUyddBQJIi4uAGzqPyk4Tq:yXiHYKRyK3Dd7AqLbrtdBQJTvAK

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  c7dda1929349fdee6bdfd864902fe08ba112de40f51ec8e931382cd2c6c9505b
- Size
  
  27KB
- MD5
  
  4cb33e31a550d318d10fd12dc2be3794
- SHA1
  
  783b7bcac089a2a0011156ba26a05054c2a2c66d
- SHA256
  
  c7dda1929349fdee6bdfd864902fe08ba112de40f51ec8e931382cd2c6c9505b
- SHA512
  
  9394b6ac1477e3e2e1c66a4aca8a0fa6cb22ab255d00bb34471fae5b91bb27c416e258cef174ba69740ef03f8ff3a559f8bcc737d19b06877179fc47f2a53b94
- SSDEEP
  
  384:yjUgamio6zYKRyK3nfbdR+bm1OkNLBN2WUyddBQJIi4uAGzqPyk4Tq:yXiHYKRyK3Dd7AqLbrtdBQJTvAK
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2