21e687374092e8442ccf120dee647b6db08cc27cda05b833aaee9c13b38f9f98 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a3bbe52ccb05d1f15232544e060ddd0e
Size

28KB
Sample

240225-n8js9sbh5v
MD5

a3bbe52ccb05d1f15232544e060ddd0e
SHA1

5018b4fa09fda65a2ed07b8c608c217fdd2b2eeb
SHA256

21e687374092e8442ccf120dee647b6db08cc27cda05b833aaee9c13b38f9f98
SHA512

d480584b71c653e7a651e831cbef085c55219325961a9b2486f1e91a18dd106ae5e01cf41fa76fdce221db83adc79678dab2850ef6cb2bd5bffa1b97e9b630ed
SSDEEP

384:tQApLnxM9Ytx5CS8x7XYLPmn0/eyARl0+Y4Pl:9UY1CPSen0fcLY4

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  a3bbe52ccb05d1f15232544e060ddd0e
- Size
  
  28KB
- MD5
  
  a3bbe52ccb05d1f15232544e060ddd0e
- SHA1
  
  5018b4fa09fda65a2ed07b8c608c217fdd2b2eeb
- SHA256
  
  21e687374092e8442ccf120dee647b6db08cc27cda05b833aaee9c13b38f9f98
- SHA512
  
  d480584b71c653e7a651e831cbef085c55219325961a9b2486f1e91a18dd106ae5e01cf41fa76fdce221db83adc79678dab2850ef6cb2bd5bffa1b97e9b630ed
- SSDEEP
  
  384:tQApLnxM9Ytx5CS8x7XYLPmn0/eyARl0+Y4Pl:9UY1CPSen0fcLY4
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2