Triage | Malware sandboxing report by Hatching Triage

Sharing

General

Target

9a28f0b1e09ffb82f27417b769461b9fd714999e8b34ca489ac7bc10595e5a6f
Size

7MB
Sample

230526-nlv8safb94
MD5

04a61b0ee9db0c48d5f3e4d56695c544
SHA1

3d3a3d2fa8ce824087fbadb2c02336887bae8fd0
SHA256

9a28f0b1e09ffb82f27417b769461b9fd714999e8b34ca489ac7bc10595e5a6f
SHA512

86b371e82b1e59cd3dba4f1dd1694c705f1bff996e362e654af4ed2c850e00b6f7b6f27e1a4de62a477b1471b49eef5b0e8f937e28624ec5648ef4e47201d1b1
SSDEEP

98304:C8j4sQ4jTC9zKcIyAPIvRnKqeZWQgh8PnmFVpCRxrZaTubplO2FOYS:1j+PIyDoBY8mFzhTkplO2F0

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  9a28f0b1e09ffb82f27417b769461b9fd714999e8b34ca489ac7bc10595e5a6f
- Size
  
  7MB
- MD5
  
  04a61b0ee9db0c48d5f3e4d56695c544
- SHA1
  
  3d3a3d2fa8ce824087fbadb2c02336887bae8fd0
- SHA256
  
  9a28f0b1e09ffb82f27417b769461b9fd714999e8b34ca489ac7bc10595e5a6f
- SHA512
  
  86b371e82b1e59cd3dba4f1dd1694c705f1bff996e362e654af4ed2c850e00b6f7b6f27e1a4de62a477b1471b49eef5b0e8f937e28624ec5648ef4e47201d1b1
- SSDEEP
  
  98304:C8j4sQ4jTC9zKcIyAPIvRnKqeZWQgh8PnmFVpCRxrZaTubplO2FOYS:1j+PIyDoBY8mFzhTkplO2F0
Score

7^/10

discovery persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix

Collection

Command and Control

Credential Access

Defense Evasion

Modify Registry

Discovery

Query Registry

T1012

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Tasks

static1

behavioral1

discoverypersistence