af401772985156ef58c4e0bbfe8f798087bb24a9b1b35c67beb87a04aa0356fa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af401772985156ef58c4e0bbfe8f798087bb24a9b1b35c67beb87a04aa0356fa
Size

327KB
Sample

221204-pfakkagf38
MD5

5298c7f9557fa8549c0942cc8467b9e1
SHA1

c68b7ddb5616d23707736bb2a30f8ac37370a4b9
SHA256

af401772985156ef58c4e0bbfe8f798087bb24a9b1b35c67beb87a04aa0356fa
SHA512

1830038ba7150bc40bf05d6553f3836d72d7a9c636e50538e0c4e860f845c003c5bd50a3e154dd80c1dbca2e86878a6d856fd7e3396c8e12d67c55149b5066ce
SSDEEP

6144:hr469uEo2S1YnQmCX492DkwNP3qpYFGgjwuBGVdLAt4ZHd2i3gjd+ZD/6Fu:hr4iu6/eIo4Rsw33AtsmQb

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  af401772985156ef58c4e0bbfe8f798087bb24a9b1b35c67beb87a04aa0356fa
- Size
  
  327KB
- MD5
  
  5298c7f9557fa8549c0942cc8467b9e1
- SHA1
  
  c68b7ddb5616d23707736bb2a30f8ac37370a4b9
- SHA256
  
  af401772985156ef58c4e0bbfe8f798087bb24a9b1b35c67beb87a04aa0356fa
- SHA512
  
  1830038ba7150bc40bf05d6553f3836d72d7a9c636e50538e0c4e860f845c003c5bd50a3e154dd80c1dbca2e86878a6d856fd7e3396c8e12d67c55149b5066ce
- SSDEEP
  
  6144:hr469uEo2S1YnQmCX492DkwNP3qpYFGgjwuBGVdLAt4ZHd2i3gjd+ZD/6Fu:hr4iu6/eIo4Rsw33AtsmQb
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2