21c9351325746d7182af3566c4337016cc6449d041d771e14f17554382db2c6f | Triage

Sharing

General

Target

2a0a8f11057d50efd4d9e8703e1ec621
Size

313KB
Sample

231225-s4f9sshfhr
MD5

2a0a8f11057d50efd4d9e8703e1ec621
SHA1

49dbec5507c856d772acbf83a3bef3f8c80e9643
SHA256

21c9351325746d7182af3566c4337016cc6449d041d771e14f17554382db2c6f
SHA512

e47cff9d55db29be856e8cb09deb71c697f9f8431513d50cfbd39441c6140e817d631f3d5ec2fc66205705cc94547762f69164f16953ab7a2d187ca383966d18
SSDEEP

6144:XrK9uEo2S1YnQmCX492DkwNP3qpYFtcM7dZssr+Ixf6LuDTKD2ay9KGYG0LW:Xryu6/eIo4vMResyEf0uP9d9UG0W

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2a0a8f11057d50efd4d9e8703e1ec621
- Size
  
  313KB
- MD5
  
  2a0a8f11057d50efd4d9e8703e1ec621
- SHA1
  
  49dbec5507c856d772acbf83a3bef3f8c80e9643
- SHA256
  
  21c9351325746d7182af3566c4337016cc6449d041d771e14f17554382db2c6f
- SHA512
  
  e47cff9d55db29be856e8cb09deb71c697f9f8431513d50cfbd39441c6140e817d631f3d5ec2fc66205705cc94547762f69164f16953ab7a2d187ca383966d18
- SSDEEP
  
  6144:XrK9uEo2S1YnQmCX492DkwNP3qpYFtcM7dZssr+Ixf6LuDTKD2ay9KGYG0LW:Xryu6/eIo4vMResyEf0uP9d9UG0W
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2