6ffd8c0f5287d6b18b096727d8415d631f57df84f9c9a728e74caf912afb19a9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6ffd8c0f5287d6b18b096727d8415d631f57df84f9c9a728e74caf912afb19a9
Size

72KB
Sample

221003-1v56kahcc4
MD5

33ad45d6d37b306a42e70d7a55fb5660
SHA1

c36a30099ab6aa973f30371b70ace9c176991f59
SHA256

6ffd8c0f5287d6b18b096727d8415d631f57df84f9c9a728e74caf912afb19a9
SHA512

c2a0530e8abd9ab44fb8263f814b3954b8f2d0f919b981ae410acfb930787aa032a56e41e3354b651375f87db080aaf5a1da5a7c35df5f3587de03bbf4390e0f
SSDEEP

1536:sm/6BS7LL1odo9yHSmJ0ZZTP5AXfcZdRdfufS:spBon1oWyHSiMZTP5EcZ

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  6ffd8c0f5287d6b18b096727d8415d631f57df84f9c9a728e74caf912afb19a9
- Size
  
  72KB
- MD5
  
  33ad45d6d37b306a42e70d7a55fb5660
- SHA1
  
  c36a30099ab6aa973f30371b70ace9c176991f59
- SHA256
  
  6ffd8c0f5287d6b18b096727d8415d631f57df84f9c9a728e74caf912afb19a9
- SHA512
  
  c2a0530e8abd9ab44fb8263f814b3954b8f2d0f919b981ae410acfb930787aa032a56e41e3354b651375f87db080aaf5a1da5a7c35df5f3587de03bbf4390e0f
- SSDEEP
  
  1536:sm/6BS7LL1odo9yHSmJ0ZZTP5AXfcZdRdfufS:spBon1oWyHSiMZTP5EcZ
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2