General

  • Target

    24ea6b7f6e8f941bb616e24dc8b0abad3f11945704e1babaf38a7aeb0246d71f

  • Size

    180KB

  • Sample

    220919-np5lmaehd6

  • MD5

    2d8462b9f8252c83bb461cd14010b2bd

  • SHA1

    a05fa49c558fa2e6439a814d72056fc9b3a748d8

  • SHA256

    24ea6b7f6e8f941bb616e24dc8b0abad3f11945704e1babaf38a7aeb0246d71f

  • SHA512

    10698b5e857c9fe6d6a40791c5b01a12b610d6760053c6c44353d2d735e8c98f0446e302b712232bf81f93bf3a06bb1efd565206ef4a0807fb3fbd82e1ba2845

  • SSDEEP

    3072:pXvTb0Y5FmB3nF7WZvr3OBCR+L550cmZ9Sm4vQeVDjee3RpMOGPv:pfMQFmB3nF7Whr3OBCITagbJDjee3Rpg

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks