3b2695657815832971d30dca392352d8f46ede265933bc68c71b7c050908720a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b2695657815832971d30dca392352d8f46ede265933bc68c71b7c050908720a
Size

304KB
Sample

221206-trwdmadb43
MD5

2e0adbbcd0083b69f172cadb4b6facbe
SHA1

ae5bed4dc3e80544f28d584b1953eca2ce31d26e
SHA256

3b2695657815832971d30dca392352d8f46ede265933bc68c71b7c050908720a
SHA512

349ead8902db3d968638848b89eb6bd54b4a5679c69c13c614fc50f890167444e5c36cd1aa955c8cbeaa8bea834e954e76c046248089abbe50fd04c6f037745f
SSDEEP

6144:nrkX6Y0JQBkQRl7174NpNUM+UHs+h43nRLFJO2t3OEhLSMwcU9P4WbXQx7i8:nrkX63yRl1uqM+gs+2RLTf+QLShvQx7b

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  3b2695657815832971d30dca392352d8f46ede265933bc68c71b7c050908720a
- Size
  
  304KB
- MD5
  
  2e0adbbcd0083b69f172cadb4b6facbe
- SHA1
  
  ae5bed4dc3e80544f28d584b1953eca2ce31d26e
- SHA256
  
  3b2695657815832971d30dca392352d8f46ede265933bc68c71b7c050908720a
- SHA512
  
  349ead8902db3d968638848b89eb6bd54b4a5679c69c13c614fc50f890167444e5c36cd1aa955c8cbeaa8bea834e954e76c046248089abbe50fd04c6f037745f
- SSDEEP
  
  6144:nrkX6Y0JQBkQRl7174NpNUM+UHs+h43nRLFJO2t3OEhLSMwcU9P4WbXQx7i8:nrkX63yRl1uqM+gs+2RLTf+QLShvQx7b
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2