28cdbab0a9e3306f1f538c10fd7d96da0e93a5feb37ba60ad0218fd25d879505 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0cef3c282b4b7cae9a63c9ee59f306e5
Size

27KB
Sample

231225-hnvr5shgh9
MD5

0cef3c282b4b7cae9a63c9ee59f306e5
SHA1

1d59548b63fd47ccd43478e4f1b750f2dc0c1f17
SHA256

28cdbab0a9e3306f1f538c10fd7d96da0e93a5feb37ba60ad0218fd25d879505
SHA512

0f8751d7900fd2ec934c1b478683286cab1eb64e949d311bc4feb9ca19d0e3cda33993df284e2aeef87082a203ac35f4b62168afcd58d64f8850ab179b3e9555
SSDEEP

768:k2aS3WeUNZ45zF6Mxchrde5Jg7jycacVUc:w2WeAsQMxIrOJWjecVU

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  0cef3c282b4b7cae9a63c9ee59f306e5
- Size
  
  27KB
- MD5
  
  0cef3c282b4b7cae9a63c9ee59f306e5
- SHA1
  
  1d59548b63fd47ccd43478e4f1b750f2dc0c1f17
- SHA256
  
  28cdbab0a9e3306f1f538c10fd7d96da0e93a5feb37ba60ad0218fd25d879505
- SHA512
  
  0f8751d7900fd2ec934c1b478683286cab1eb64e949d311bc4feb9ca19d0e3cda33993df284e2aeef87082a203ac35f4b62168afcd58d64f8850ab179b3e9555
- SSDEEP
  
  768:k2aS3WeUNZ45zF6Mxchrde5Jg7jycacVUc:w2WeAsQMxIrOJWjecVU
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2