58dff546c678714bbfaf8d84d1f29f41ed74a7eed60d2512665a19d572a36f1d | Triage

Sharing

General

Target

2a4505b182629cf5fb8ede078b70c699
Size

28KB
Sample

231225-s6h66sbge3
MD5

2a4505b182629cf5fb8ede078b70c699
SHA1

893513d62906c2800b0a83e99bc24de28ecdcb3a
SHA256

58dff546c678714bbfaf8d84d1f29f41ed74a7eed60d2512665a19d572a36f1d
SHA512

c4b1cce06e150319d99b94b01b085c5fd79e5bf0a6bb5ea759cf18bb9887a5bdbe7753da2e25192d4a7ad8958971a9fb0b37c57d8f637a22cc911cd7133fd39e
SSDEEP

384:gy+ppmj1VlhX4WaXzfwwXNyiDx10jaQpRveBj0YUSHNpXoEqPQ0:gy+ppmjflhXDMzfww9VypRvyLVqp

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  2a4505b182629cf5fb8ede078b70c699
- Size
  
  28KB
- MD5
  
  2a4505b182629cf5fb8ede078b70c699
- SHA1
  
  893513d62906c2800b0a83e99bc24de28ecdcb3a
- SHA256
  
  58dff546c678714bbfaf8d84d1f29f41ed74a7eed60d2512665a19d572a36f1d
- SHA512
  
  c4b1cce06e150319d99b94b01b085c5fd79e5bf0a6bb5ea759cf18bb9887a5bdbe7753da2e25192d4a7ad8958971a9fb0b37c57d8f637a22cc911cd7133fd39e
- SSDEEP
  
  384:gy+ppmj1VlhX4WaXzfwwXNyiDx10jaQpRveBj0YUSHNpXoEqPQ0:gy+ppmjflhXDMzfww9VypRvyLVqp
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2