662465eb6766f2084ca2756ac99e598623c368ae072a46d7810f7caaad4ca68f | Triage

Sharing

General

Target

GovILCardSignSetup.exe
Size

1.7MB
Sample

210805-934vpc61gs
MD5

e802022f5ef47ef19e34fd83eb35a118
SHA1

3af2b49724fbb85b9387cf6765e695ad0ed156a6
SHA256

662465eb6766f2084ca2756ac99e598623c368ae072a46d7810f7caaad4ca68f
SHA512

6d3493303b37e79b8e0e8dd291f6b765c8b581119e0a636b748df1feb5a6c3dc3a96b6cf84ccd5f0122db74b6eb6212dbd21a8b53d8e02caa60a8d7f78cb43ce

Score

7^/10

Malware Config

Targets

- Target
  
  GovILCardSignSetup.exe
- Size
  
  1.7MB
- MD5
  
  e802022f5ef47ef19e34fd83eb35a118
- SHA1
  
  3af2b49724fbb85b9387cf6765e695ad0ed156a6
- SHA256
  
  662465eb6766f2084ca2756ac99e598623c368ae072a46d7810f7caaad4ca68f
- SHA512
  
  6d3493303b37e79b8e0e8dd291f6b765c8b581119e0a636b748df1feb5a6c3dc3a96b6cf84ccd5f0122db74b6eb6212dbd21a8b53d8e02caa60a8d7f78cb43ce
Score

7^/10
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2