716ce7fe411f352686b4071074aa96e1456ab7a67445b3cf1c475e18a4e5ac25 | Triage

Resubmissions

19-01-2022 16:33

220119-t2qk5abeck 10

25-11-2021 12:40

211125-pv9m7sfbhq 8

Sharing

General

Target

716ce7fe411f352686b4071074aa96e1456ab7a67445b3cf1c475e18a4e5ac25
Size

7.5MB
Sample

211125-pv9m7sfbhq
MD5

4ec77eb8280485764b6bc22f6cf7d57e
SHA1

85215638743eeb6800aaada5d057e96032db6906
SHA256

716ce7fe411f352686b4071074aa96e1456ab7a67445b3cf1c475e18a4e5ac25
SHA512

770b14b133ac0a7bfee3a973d43a5342cd021a731f1be4d557a332aa4945dbb9be6b25909291feeb766c3fd640ff943780d4172e2fe6f6c77a128585e7914954

Score

8^/10

Malware Config

Targets

- Target
  
  716ce7fe411f352686b4071074aa96e1456ab7a67445b3cf1c475e18a4e5ac25
- Size
  
  7.5MB
- MD5
  
  4ec77eb8280485764b6bc22f6cf7d57e
- SHA1
  
  85215638743eeb6800aaada5d057e96032db6906
- SHA256
  
  716ce7fe411f352686b4071074aa96e1456ab7a67445b3cf1c475e18a4e5ac25
- SHA512
  
  770b14b133ac0a7bfee3a973d43a5342cd021a731f1be4d557a332aa4945dbb9be6b25909291feeb766c3fd640ff943780d4172e2fe6f6c77a128585e7914954
Score

8^/10
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2