325a392e486e12ab7411f95d23cd2d392d5bc1959158c708a213784b450fb09a | Triage

Sharing

General

Target

325a392e486e12ab7411f95d23cd2d392d5bc1959158c708a213784b450fb09aN
Size

22KB
Sample

240920-jy959awfka
MD5

aaa1a8004652c770eb3bbf863019f880
SHA1

1b18f09d86b22642361d54f67783d69f46f4387e
SHA256

325a392e486e12ab7411f95d23cd2d392d5bc1959158c708a213784b450fb09a
SHA512

9c46c2afc985c74733eafa2a1f0594a56a5492ba41f35524adf0632fb86a1863257237ae97f9abb66a650c8dff2f9ed55b7f556d7ffb6225c19ac9e424c2d1ad
SSDEEP

384:ztGhPq/PSVoYZXgW8PK3mUarVMYVt8a6c6n5er7EgSgXuJDth0W:zt16VoYZwPK2UarVMYYaFbr799mHt

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  325a392e486e12ab7411f95d23cd2d392d5bc1959158c708a213784b450fb09aN
- Size
  
  22KB
- MD5
  
  aaa1a8004652c770eb3bbf863019f880
- SHA1
  
  1b18f09d86b22642361d54f67783d69f46f4387e
- SHA256
  
  325a392e486e12ab7411f95d23cd2d392d5bc1959158c708a213784b450fb09a
- SHA512
  
  9c46c2afc985c74733eafa2a1f0594a56a5492ba41f35524adf0632fb86a1863257237ae97f9abb66a650c8dff2f9ed55b7f556d7ffb6225c19ac9e424c2d1ad
- SSDEEP
  
  384:ztGhPq/PSVoYZXgW8PK3mUarVMYVt8a6c6n5er7EgSgXuJDth0W:zt16VoYZwPK2UarVMYYaFbr799mHt
Score

10^/10

discovery evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Disables RegEdit via registry modification
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Network Share Discovery
  Attempt to gather information on host network.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Network Share Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion