20fbda5239a6d096191510fdc42ed25406088a6e0f2b33fc48f4e51d3daaddda | Triage

Sharing

Copy URL Twitter E-mail

General

Target

20fbda5239a6d096191510fdc42ed25406088a6e0f2b33fc48f4e51d3daaddda
Size

4.0MB
Sample

221002-x8jypshcfj
MD5

65b220e862ed1d275efb9562866c4c44
SHA1

45684bb0a95db0abf03004f66c835b05dbf77fd2
SHA256

20fbda5239a6d096191510fdc42ed25406088a6e0f2b33fc48f4e51d3daaddda
SHA512

f198506e7c380d8fe25231a1f857ca1d1919f5bea97e6e41d46ff249c37304292854f2d9797d6fd493a736f9f26bbd700267d9f263c9508672bb023967316902
SSDEEP

98304:Gdktdnfnwp3oOLuB/3/um1UCwW7MkdynA+0sfY:/tdn/izLsum2CFwSynT0r

Score

8^/10

upx

Malware Config

Targets

- Target
  
  20fbda5239a6d096191510fdc42ed25406088a6e0f2b33fc48f4e51d3daaddda
- Size
  
  4.0MB
- MD5
  
  65b220e862ed1d275efb9562866c4c44
- SHA1
  
  45684bb0a95db0abf03004f66c835b05dbf77fd2
- SHA256
  
  20fbda5239a6d096191510fdc42ed25406088a6e0f2b33fc48f4e51d3daaddda
- SHA512
  
  f198506e7c380d8fe25231a1f857ca1d1919f5bea97e6e41d46ff249c37304292854f2d9797d6fd493a736f9f26bbd700267d9f263c9508672bb023967316902
- SSDEEP
  
  98304:Gdktdnfnwp3oOLuB/3/um1UCwW7MkdynA+0sfY:/tdn/izLsum2CFwSynT0r
Score

8^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Replication Through Removable Media

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2