55ad43218e3f8aba514e2d69c54f3e9f7c43d85e869274e4cc86cb1507e9a6a8 | Triage

Sharing

General

Target

67017f7bdda13b0deda6b85e1908b2df
Size

2.2MB
Sample

240119-hzvlhshacm
MD5

67017f7bdda13b0deda6b85e1908b2df
SHA1

a427d088c0417343ee8770ec3522af9b1ae78b1a
SHA256

55ad43218e3f8aba514e2d69c54f3e9f7c43d85e869274e4cc86cb1507e9a6a8
SHA512

06bf0ff49d09b8d84f262d472e6e5a9e976d40b8dc71a735050b9a327dc85728183b95e1bcf17b7d1e5e63dd23eeaf76998123347498ffda2530ab06eb82eaa5
SSDEEP

49152:4vONLqdIMDeBpBkmO7gtxjT3XBeOVG8eG29Jx0:jqCMDiBkEfjw98eGUI

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  ACR+11Tr-LNG/ACR+11Tr-LNG.exe
- Size
  
  2.2MB
- MD5
  
  f1652922addfb8cda246e360ccdf3a04
- SHA1
  
  12d9be8ba3e6b23ceca08c5e467dc9556223c60c
- SHA256
  
  710245b077076600d8a3589c6a30329ecc871c491ec86a65d4cbaefbb8abc976
- SHA512
  
  70ecf56490c7f9a455eb764960472c3a4a2b8feb9321f1dce3f5fdaa7448b90371d15dd2dc70a48765aa27cbfa91a0a8ad4daf4973a9d1f7d34c29f76d35be06
- SSDEEP
  
  49152:QlYg9e3QXns/+waOLW6StuI4MdLMK9i/z4TMmQ0NCxw3L:QlYg9yjhaOVStZkz4TMuNlb
Score

6^/10

discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2