98ed347973b5971c030be0baf94fa242ee82ae34dd887ff6f5eade26096d5161 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

98ed347973b5971c030be0baf94fa242ee82ae34dd887ff6f5eade26096d5161
Size

36KB
Sample

221203-vadb6agg98
MD5

fc3db547c7abe71052462f667cc16b4f
SHA1

8c7db6928bd55d97425c4b7823ebc1a980e2e659
SHA256

98ed347973b5971c030be0baf94fa242ee82ae34dd887ff6f5eade26096d5161
SHA512

bdcbf8b7f2efde288024f4270195aaf0005acede54d21eeb0b73be6b8ee8000f0f466e5ee8f1b407331fe9d5807f5c9b379dbe14d5f0032ca4d5fff1e5451cd9
SSDEEP

384:x0mHZE6g4thgWNSDu+iyC6pM8wc9Km7P9:x0mHU78SPiyCss

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  98ed347973b5971c030be0baf94fa242ee82ae34dd887ff6f5eade26096d5161
- Size
  
  36KB
- MD5
  
  fc3db547c7abe71052462f667cc16b4f
- SHA1
  
  8c7db6928bd55d97425c4b7823ebc1a980e2e659
- SHA256
  
  98ed347973b5971c030be0baf94fa242ee82ae34dd887ff6f5eade26096d5161
- SHA512
  
  bdcbf8b7f2efde288024f4270195aaf0005acede54d21eeb0b73be6b8ee8000f0f466e5ee8f1b407331fe9d5807f5c9b379dbe14d5f0032ca4d5fff1e5451cd9
- SSDEEP
  
  384:x0mHZE6g4thgWNSDu+iyC6pM8wc9Km7P9:x0mHU78SPiyCss
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2