6d5ff1836e64d10cba3715bdd4d3f5ef4aa9479fffecdafe9f7ce0532fc93e51 | Triage

Sharing

General

Target

QUOTATION RFQ TWM 419077 INFORMATION.exe
Size

316KB
Sample

230724-pygftsdf2t
MD5

56805820198a2e21d72d894a542ef339
SHA1

95c28d3bfc0e2b7fa872431001e9964c6b3ac281
SHA256

6d5ff1836e64d10cba3715bdd4d3f5ef4aa9479fffecdafe9f7ce0532fc93e51
SHA512

3956558eb5df3103e030b83fe2eec014cdf2df092c27526c87fdd082ffceda7727fa720e560ea41b2df9faad7588896fbc1e86ee092d4b61627d61835ab3e96f
SSDEEP

6144:kpkXchIk4kfn0v6J9ctSbbvlTeHiYIaXj4TTeB3VfoHhE5BAAanY/+wQJJqZwC9Z:hJk4kv0iJ9c+jlTPBaUTTpYAbnPJJqZ/

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  QUOTATION RFQ TWM 419077 INFORMATION.exe
- Size
  
  316KB
- MD5
  
  56805820198a2e21d72d894a542ef339
- SHA1
  
  95c28d3bfc0e2b7fa872431001e9964c6b3ac281
- SHA256
  
  6d5ff1836e64d10cba3715bdd4d3f5ef4aa9479fffecdafe9f7ce0532fc93e51
- SHA512
  
  3956558eb5df3103e030b83fe2eec014cdf2df092c27526c87fdd082ffceda7727fa720e560ea41b2df9faad7588896fbc1e86ee092d4b61627d61835ab3e96f
- SSDEEP
  
  6144:kpkXchIk4kfn0v6J9ctSbbvlTeHiYIaXj4TTeB3VfoHhE5BAAanY/+wQJJqZwC9Z:hJk4kv0iJ9c+jlTPBaUTTpYAbnPJJqZ/
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2