3412ba20e1167fb58b73843259e6d3bb7992210ff8e35becd3151db5c73f1e23 | Triage

Sharing

General

Target

3412ba20e1167fb58b73843259e6d3bb7992210ff8e35becd3151db5c73f1e23.bin
Size

436KB
Sample

220916-xv5m9acbgm
MD5

2497784aaced6e3e9cb3c4e3b321b0ec
SHA1

ce4aac17928a0e2c5da10f5ac9681266980820c8
SHA256

3412ba20e1167fb58b73843259e6d3bb7992210ff8e35becd3151db5c73f1e23
SHA512

1778bbc1255e376a7d4cfe5532815cb094e6617adaa4f7e2bd4153cefedd525626a5b339dc73a2b51f6d39a54c3b8e859c02b7eb42e1d21b68fd535db1529fe2
SSDEEP

12288:5SynwGywOYkrOT/4aJvJFvm/hsek+3Y12wWq:5Sy8YkSJvJybRI4Dq

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  3412ba20e1167fb58b73843259e6d3bb7992210ff8e35becd3151db5c73f1e23.bin
- Size
  
  436KB
- MD5
  
  2497784aaced6e3e9cb3c4e3b321b0ec
- SHA1
  
  ce4aac17928a0e2c5da10f5ac9681266980820c8
- SHA256
  
  3412ba20e1167fb58b73843259e6d3bb7992210ff8e35becd3151db5c73f1e23
- SHA512
  
  1778bbc1255e376a7d4cfe5532815cb094e6617adaa4f7e2bd4153cefedd525626a5b339dc73a2b51f6d39a54c3b8e859c02b7eb42e1d21b68fd535db1529fe2
- SSDEEP
  
  12288:5SynwGywOYkrOT/4aJvJFvm/hsek+3Y12wWq:5Sy8YkSJvJybRI4Dq
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2