767e4cecf0c7e009ec8edd90fb8d7d5a2650fbc643b902714f7378e170b5409a | Triage

Sharing

General

Target

767e4cecf0c7e009ec8edd90fb8d7d5a2650fbc643b902714f7378e170b5409a
Size

416KB
Sample

240914-k3cwzswhpe
MD5

a5c1fc3bca218a313aca14344cefe206
SHA1

dcb0aaac274f4c1f103f648d1c6d6642ecfeab05
SHA256

767e4cecf0c7e009ec8edd90fb8d7d5a2650fbc643b902714f7378e170b5409a
SHA512

bfc3f591a766428b555b80da1c77496fd24e6905f35a1e8748b43b8e7ba26575f20a4558672e8bcd8ab4e3cefcf1d8c85b9de0acd66c935b5d6ae817bfe2e1ff
SSDEEP

6144:CHHIrZYMEMiJ7WjOEvst6VQahfstiUjJbbv1AOQGnWHapfhlCvQM:CHGTESSEi6VQ2feJXv1qnICvQM

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  767e4cecf0c7e009ec8edd90fb8d7d5a2650fbc643b902714f7378e170b5409a
- Size
  
  416KB
- MD5
  
  a5c1fc3bca218a313aca14344cefe206
- SHA1
  
  dcb0aaac274f4c1f103f648d1c6d6642ecfeab05
- SHA256
  
  767e4cecf0c7e009ec8edd90fb8d7d5a2650fbc643b902714f7378e170b5409a
- SHA512
  
  bfc3f591a766428b555b80da1c77496fd24e6905f35a1e8748b43b8e7ba26575f20a4558672e8bcd8ab4e3cefcf1d8c85b9de0acd66c935b5d6ae817bfe2e1ff
- SSDEEP
  
  6144:CHHIrZYMEMiJ7WjOEvst6VQahfstiUjJbbv1AOQGnWHapfhlCvQM:CHGTESSEi6VQ2feJXv1qnICvQM
Score

6^/10

discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2