fa79fb564b0aa7b3ffb73ebddf7a8b0993ae59d0ad22bea81126a44577e683c8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa79fb564b0aa7b3ffb73ebddf7a8b0993ae59d0ad22bea81126a44577e683c8
Size

313KB
Sample

221206-sml4qahf47
MD5

4795cbacdfceb7ff2008ae51577e39fc
SHA1

06df9189e0cd7ed391f580a31e7f9e0cf80addaa
SHA256

fa79fb564b0aa7b3ffb73ebddf7a8b0993ae59d0ad22bea81126a44577e683c8
SHA512

a196bc9b17f30f3276365ff878be68777e84eb4484f9fa4d75f274f1e4f3e136d9a7fbf4d2e01cacc43a748b19369e42cdd7ab31c870cf4628b51360d781c6bc
SSDEEP

6144:PrV+6Y0JQBkQRl7174NpNUM+UHs+RGIZZCunCNROUawjhDMJwD0O:PrV+63yRl1uqM+gs+bLC8CNMUaohDMJs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  fa79fb564b0aa7b3ffb73ebddf7a8b0993ae59d0ad22bea81126a44577e683c8
- Size
  
  313KB
- MD5
  
  4795cbacdfceb7ff2008ae51577e39fc
- SHA1
  
  06df9189e0cd7ed391f580a31e7f9e0cf80addaa
- SHA256
  
  fa79fb564b0aa7b3ffb73ebddf7a8b0993ae59d0ad22bea81126a44577e683c8
- SHA512
  
  a196bc9b17f30f3276365ff878be68777e84eb4484f9fa4d75f274f1e4f3e136d9a7fbf4d2e01cacc43a748b19369e42cdd7ab31c870cf4628b51360d781c6bc
- SSDEEP
  
  6144:PrV+6Y0JQBkQRl7174NpNUM+UHs+RGIZZCunCNROUawjhDMJwD0O:PrV+63yRl1uqM+gs+bLC8CNMUaohDMJs
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2