afeb95e3e96c3c6f3f3a587913a415c2582dc50480cd8fb09c3fd70189a9ac55 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

afeb95e3e96c3c6f3f3a587913a415c2582dc50480cd8fb09c3fd70189a9ac55
Size

313KB
Sample

221204-gwsgbagg5y
MD5

13f9f1121a7df4d2d53e946461115b23
SHA1

6c709d09ed3b7c7f5514c4714262ae4c43a4fb74
SHA256

afeb95e3e96c3c6f3f3a587913a415c2582dc50480cd8fb09c3fd70189a9ac55
SHA512

69d0378adcce1080280d73fdc9e941170fdc4ba886e5fda84f909f3f32f625ec0909f3d65f4b1b9a4548543502bce13fff5cc369b587a0d4a0cc09fd7b73c079
SSDEEP

6144:3ro9uEo2S1YnQmCX492DkwNP3qpYFx1PKR9bwMHCrwqdS1D/9n1v94dm:3rAu6/eIo4s1yR9lsc/adm

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  afeb95e3e96c3c6f3f3a587913a415c2582dc50480cd8fb09c3fd70189a9ac55
- Size
  
  313KB
- MD5
  
  13f9f1121a7df4d2d53e946461115b23
- SHA1
  
  6c709d09ed3b7c7f5514c4714262ae4c43a4fb74
- SHA256
  
  afeb95e3e96c3c6f3f3a587913a415c2582dc50480cd8fb09c3fd70189a9ac55
- SHA512
  
  69d0378adcce1080280d73fdc9e941170fdc4ba886e5fda84f909f3f32f625ec0909f3d65f4b1b9a4548543502bce13fff5cc369b587a0d4a0cc09fd7b73c079
- SSDEEP
  
  6144:3ro9uEo2S1YnQmCX492DkwNP3qpYFx1PKR9bwMHCrwqdS1D/9n1v94dm:3rAu6/eIo4s1yR9lsc/adm
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2