6b6fc62a294d5ef1c619d623f1cf6d735d9f191df9ef5c745b0881b1e01b8565 | Triage

Sharing

General

Target

e159d860d0cfa59816c686e4a9914113.exe
Size

21.6MB
Sample

211014-gak54sgce2
MD5

e159d860d0cfa59816c686e4a9914113
SHA1

484539b10b659fb4ab48e79bb0de0d0879153426
SHA256

6b6fc62a294d5ef1c619d623f1cf6d735d9f191df9ef5c745b0881b1e01b8565
SHA512

63c8fd0c70c18406909d914af5f0c8ab0708bbeee7e896d54c77b80e32b0fbb413e87d9e93498ddbbbaacf24a98cacabac81b861982749d6671ae7a05b1fbab2

Score

8^/10

Malware Config

Targets

- Target
  
  e159d860d0cfa59816c686e4a9914113.exe
- Size
  
  21.6MB
- MD5
  
  e159d860d0cfa59816c686e4a9914113
- SHA1
  
  484539b10b659fb4ab48e79bb0de0d0879153426
- SHA256
  
  6b6fc62a294d5ef1c619d623f1cf6d735d9f191df9ef5c745b0881b1e01b8565
- SHA512
  
  63c8fd0c70c18406909d914af5f0c8ab0708bbeee7e896d54c77b80e32b0fbb413e87d9e93498ddbbbaacf24a98cacabac81b861982749d6671ae7a05b1fbab2
Score

8^/10
- Blocklisted process makes network request
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2