ddc768a929a80d6ea45b23a5ea1e760313638ed2f8f1839e52bdf18e42f84adc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

734e1261235099cf80b1dead63db93fa
Size

2.0MB
Sample

240125-a848bacfc2
MD5

734e1261235099cf80b1dead63db93fa
SHA1

f2c78affd1080079125725bd2b5bf11bdc55a40d
SHA256

ddc768a929a80d6ea45b23a5ea1e760313638ed2f8f1839e52bdf18e42f84adc
SHA512

1606372b9fa57013d90cbee8a6878c416ef6b3ef8823ebb522074066e684f3f52503ddbbfd1bbcc7e1c9c53c12ca6abe1acbe9de5a20b2ec345e8ccac5061a0f
SSDEEP

49152:2sQbiZv2zvlcYsGIi0olP6UYjMwnfa/wrY7v:iT9fITorYjMyiv

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  DEHR+19Tr-LNG/DEHR+19Tr-LNG.exe
- Size
  
  2.1MB
- MD5
  
  231cb625af23d3e29eecb28d5c046487
- SHA1
  
  782c55e5601f595f7cce758558ecabcc25656712
- SHA256
  
  c76a37e498a6c5adb7a25264d69918e366570b2841e8c46b29622bb0005ff368
- SHA512
  
  2e28ee3188968fdf5b7f1f2f0adba6071d9a5597355631d0685e9e20dfff52f4e80ba5bff8068601f29b397f4d660e01e8acf212aa378868464104516dedcdc1
- SSDEEP
  
  49152:z5V8TKLPBr/AVaNY8YDN3t9T2xMywKqPLR0:z5V8TKLPl/DNY8at9iN8Pi
Score

6^/10

discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2