22f9df78f89a2368b21e2240e97e29ab0e85b2130fc72d648ccc48722967de43 | Triage

Sharing

General

Target

05e565f799c6fe4adc90f1ff9be51ef5
Size

332KB
Sample

231224-t15zesbehm
MD5

05e565f799c6fe4adc90f1ff9be51ef5
SHA1

9f3423b48bf61e4b30f39b95b28a7a106513fcc0
SHA256

22f9df78f89a2368b21e2240e97e29ab0e85b2130fc72d648ccc48722967de43
SHA512

0b486aabd706c5b75b3f92fe3cf25e2397e665e5663dc3e0a0bd12a64383b360539c6b47bd74ad9cd3b98b78fc2429685c9118232ea72ae3153360e2592d9216
SSDEEP

6144:Yrwl9uEo2S1YnQmCX492DkwNP3qpYFzlLUdbJ9ZTFJfr5KqimKJjBWeGeNOOFkx:YrKu6/eIo4w4z/F99KjmqtYrx

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  05e565f799c6fe4adc90f1ff9be51ef5
- Size
  
  332KB
- MD5
  
  05e565f799c6fe4adc90f1ff9be51ef5
- SHA1
  
  9f3423b48bf61e4b30f39b95b28a7a106513fcc0
- SHA256
  
  22f9df78f89a2368b21e2240e97e29ab0e85b2130fc72d648ccc48722967de43
- SHA512
  
  0b486aabd706c5b75b3f92fe3cf25e2397e665e5663dc3e0a0bd12a64383b360539c6b47bd74ad9cd3b98b78fc2429685c9118232ea72ae3153360e2592d9216
- SSDEEP
  
  6144:Yrwl9uEo2S1YnQmCX492DkwNP3qpYFzlLUdbJ9ZTFJfr5KqimKJjBWeGeNOOFkx:YrKu6/eIo4w4z/F99KjmqtYrx
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2