d36d42975b5c4be14a27067e3ef6205c3e089e7533c94d948cea09a6a7619554 | Triage

Sharing

General

Target

d36d42975b5c4be14a27067e3ef6205c3e089e7533c94d948cea09a6a7619554
Size

78KB
Sample

221205-gmseysbf25
MD5

156b28bb1522fc80cbaefcc618d3b7c0
SHA1

b671ca5b9688832828eec0e37ee1e976b4c5cc0e
SHA256

d36d42975b5c4be14a27067e3ef6205c3e089e7533c94d948cea09a6a7619554
SHA512

efff3e7505b2fae72d29f8ac79b508628a58c91511035239ba905f9e10cc9259bf94fb69107015be20864978df7ae2f435deed4764a2d3316ca4e33d90a61230
SSDEEP

1536:6E1hwzGx+4aS063TkYo2x6r59aPc8n2CST4+7QlKTCaWe96+gz:91sGx+n0YYox59R0+7QU6J+gz

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  d36d42975b5c4be14a27067e3ef6205c3e089e7533c94d948cea09a6a7619554
- Size
  
  78KB
- MD5
  
  156b28bb1522fc80cbaefcc618d3b7c0
- SHA1
  
  b671ca5b9688832828eec0e37ee1e976b4c5cc0e
- SHA256
  
  d36d42975b5c4be14a27067e3ef6205c3e089e7533c94d948cea09a6a7619554
- SHA512
  
  efff3e7505b2fae72d29f8ac79b508628a58c91511035239ba905f9e10cc9259bf94fb69107015be20864978df7ae2f435deed4764a2d3316ca4e33d90a61230
- SSDEEP
  
  1536:6E1hwzGx+4aS063TkYo2x6r59aPc8n2CST4+7QlKTCaWe96+gz:91sGx+n0YYox59R0+7QU6J+gz
Score

8^/10

evasion
- Executes dropped EXE
- Looks for VMWare Tools registry key
  evasion
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2