a514092184a3e22800aa9a0614c94eeaca072ad819869f2565553639c349f33f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a514092184a3e22800aa9a0614c94eeaca072ad819869f2565553639c349f33f
Size

292KB
Sample

221207-dxnmzadg2v
MD5

66c66f9260406d7535a3ad2774e1f834
SHA1

0dc20a32b4b31b44390d773ec021be637dc1506e
SHA256

a514092184a3e22800aa9a0614c94eeaca072ad819869f2565553639c349f33f
SHA512

216d2e16fde05fb8e7628812dd9cee76973a6a1c5db884947a75e2f7d27ebbaf350205501376ae7ce28938b396c72cfce32d3acd260c2cfd1ad5f6069f030ad4
SSDEEP

6144:SrXF1FOIGOLzPgIyRKksImyzJpvBsXsgsF7E:IHEOLzPgVRKksImyzDp+ZE7E

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  a514092184a3e22800aa9a0614c94eeaca072ad819869f2565553639c349f33f
- Size
  
  292KB
- MD5
  
  66c66f9260406d7535a3ad2774e1f834
- SHA1
  
  0dc20a32b4b31b44390d773ec021be637dc1506e
- SHA256
  
  a514092184a3e22800aa9a0614c94eeaca072ad819869f2565553639c349f33f
- SHA512
  
  216d2e16fde05fb8e7628812dd9cee76973a6a1c5db884947a75e2f7d27ebbaf350205501376ae7ce28938b396c72cfce32d3acd260c2cfd1ad5f6069f030ad4
- SSDEEP
  
  6144:SrXF1FOIGOLzPgIyRKksImyzJpvBsXsgsF7E:IHEOLzPgVRKksImyzDp+ZE7E
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2