0b55d756fa6e115b8a0ee984a554f697ead89ae6f65815611f108faa9d874ecc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1e47918b178b272c0b7f5963209680a5
Size

13KB
Sample

231225-pmm48sdab9
MD5

1e47918b178b272c0b7f5963209680a5
SHA1

37d1dfbb81b5b3a3d52b2801f3455cec9dcbfa78
SHA256

0b55d756fa6e115b8a0ee984a554f697ead89ae6f65815611f108faa9d874ecc
SHA512

45aa6deabe52628203e0dd5b2b04af9ca2038cec124f09efe7d5f37e59e11b3c94274a26b105ad12164e3b19d1850f5fe52884214bb8d1a7fa1305c37861f413
SSDEEP

192:+yEh4bJlnNdEIv1J/b9i7s4pwrARgZd1SrMksXgUdBOvAUPuDtwFWx3f/:j04Vfdj9JT9uxRgZGz0glhPuDWWx3f

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  1e47918b178b272c0b7f5963209680a5
- Size
  
  13KB
- MD5
  
  1e47918b178b272c0b7f5963209680a5
- SHA1
  
  37d1dfbb81b5b3a3d52b2801f3455cec9dcbfa78
- SHA256
  
  0b55d756fa6e115b8a0ee984a554f697ead89ae6f65815611f108faa9d874ecc
- SHA512
  
  45aa6deabe52628203e0dd5b2b04af9ca2038cec124f09efe7d5f37e59e11b3c94274a26b105ad12164e3b19d1850f5fe52884214bb8d1a7fa1305c37861f413
- SSDEEP
  
  192:+yEh4bJlnNdEIv1J/b9i7s4pwrARgZd1SrMksXgUdBOvAUPuDtwFWx3f/:j04Vfdj9JT9uxRgZGz0glhPuDWWx3f
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2