29a8ca1f447b116750b586d51f956b932c1b2ba89e6268a13c0d78ce93b4d23a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29a8ca1f447b116750b586d51f956b932c1b2ba89e6268a13c0d78ce93b4d23a
Size

301KB
Sample

221205-3dzzbsgc72
MD5

030eaa9f2df3051fb533fc698af639c7
SHA1

4b701055cb02c1baca3c72b73aace093ff1357d1
SHA256

29a8ca1f447b116750b586d51f956b932c1b2ba89e6268a13c0d78ce93b4d23a
SHA512

028157fbe05a0acbc2790cb8ac8a24e30bdaee3453e198c7a1dba6b65024521c784d58833b8c0fb82f27243b32dbb87c467c5ca7daf32a4d7fa8dc9b8bac6b54
SSDEEP

6144:hrkX6Y0JQBkQRl7174NpNUM+UHs+Q4qfYgiMNSNXzsz4d+O5ddKHcZjMUtUS77w:hrkX63yRl1uqM+gs+1lGSNXzSopdgHcY

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  29a8ca1f447b116750b586d51f956b932c1b2ba89e6268a13c0d78ce93b4d23a
- Size
  
  301KB
- MD5
  
  030eaa9f2df3051fb533fc698af639c7
- SHA1
  
  4b701055cb02c1baca3c72b73aace093ff1357d1
- SHA256
  
  29a8ca1f447b116750b586d51f956b932c1b2ba89e6268a13c0d78ce93b4d23a
- SHA512
  
  028157fbe05a0acbc2790cb8ac8a24e30bdaee3453e198c7a1dba6b65024521c784d58833b8c0fb82f27243b32dbb87c467c5ca7daf32a4d7fa8dc9b8bac6b54
- SSDEEP
  
  6144:hrkX6Y0JQBkQRl7174NpNUM+UHs+Q4qfYgiMNSNXzsz4d+O5ddKHcZjMUtUS77w:hrkX63yRl1uqM+gs+1lGSNXzSopdgHcY
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2