e854205221b00c30bdffb4b11752d159ae8e00cdfedc102526d2e3ce6340de77 | Triage

Sharing

General

Target

e854205221b00c30bdffb4b11752d159ae8e00cdfedc102526d2e3ce6340de77
Size

982KB
Sample

201117-abyavf7yex
MD5

3bbc12e740224a4eb4e94a4f8702793b
SHA1

12ff5cc349c5e6e5501416f40049bdc4d776adcb
SHA256

e854205221b00c30bdffb4b11752d159ae8e00cdfedc102526d2e3ce6340de77
SHA512

2bc507a6636091c9e4eb0d56f2a81de3ba1037c7679cd31b6e1f767368cd9ed11e5f2165cbbc1fff4cc4fae89a733c7651c50228601132fe0448c12490563c42

Score

8^/10

discovery evasion persistence upx

Malware Config

Targets

- Target
  
  e854205221b00c30bdffb4b11752d159ae8e00cdfedc102526d2e3ce6340de77
- Size
  
  982KB
- MD5
  
  3bbc12e740224a4eb4e94a4f8702793b
- SHA1
  
  12ff5cc349c5e6e5501416f40049bdc4d776adcb
- SHA256
  
  e854205221b00c30bdffb4b11752d159ae8e00cdfedc102526d2e3ce6340de77
- SHA512
  
  2bc507a6636091c9e4eb0d56f2a81de3ba1037c7679cd31b6e1f767368cd9ed11e5f2165cbbc1fff4cc4fae89a733c7651c50228601132fe0448c12490563c42
Score

8^/10

discovery evasion persistence
- Disables Task Manager via registry modification
  evasion
- Modifies file permissions
  discovery
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Hidden Files and Directories

Privilege Escalation

Scheduled Task

Defense Evasion

File Permissions Modification

Modify Registry

Hidden Files and Directories

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2