478e0039500b2bcd513088dd9133ce7645a20b041902efdab485ecb162571af4 | Triage

Sharing

General

Target

478e0039500b2bcd513088dd9133ce7645a20b041902efdab485ecb162571af4
Size

318KB
Sample

221206-tntqmach24
MD5

427d73b32f663e67ea091338988effc2
SHA1

3e95a4303393b43d8c6385556cab7de4588d17ed
SHA256

478e0039500b2bcd513088dd9133ce7645a20b041902efdab485ecb162571af4
SHA512

fc66aab32f5350a7647db3ffb97c7a49cf7ab85144a2f41c85e7407b62781c2e5daf4ccdd58f37f1c29608e1888b1deb6177a59c67a3bb33989d237a14e24ca1
SSDEEP

6144:Nr4S6Y0JQBkQRl7174NpNUM+UHs+iBQ8+D07NHSavn+gQ5C9x5Csh:Nr4S63yRl1uqM+gs+iOVAIwnHokKq

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  478e0039500b2bcd513088dd9133ce7645a20b041902efdab485ecb162571af4
- Size
  
  318KB
- MD5
  
  427d73b32f663e67ea091338988effc2
- SHA1
  
  3e95a4303393b43d8c6385556cab7de4588d17ed
- SHA256
  
  478e0039500b2bcd513088dd9133ce7645a20b041902efdab485ecb162571af4
- SHA512
  
  fc66aab32f5350a7647db3ffb97c7a49cf7ab85144a2f41c85e7407b62781c2e5daf4ccdd58f37f1c29608e1888b1deb6177a59c67a3bb33989d237a14e24ca1
- SSDEEP
  
  6144:Nr4S6Y0JQBkQRl7174NpNUM+UHs+iBQ8+D07NHSavn+gQ5C9x5Csh:Nr4S63yRl1uqM+gs+iOVAIwnHokKq
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2