0ed25ac1dd0fa487a85416d936ba8ee320a3f21ced405328600b6ef8f4bd0f86 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ed25ac1dd0fa487a85416d936ba8ee320a3f21ced405328600b6ef8f4bd0f86
Size

70KB
Sample

221003-1v7dmahcfn
MD5

063c7e06d2a1480945b249d22f10e2ba
SHA1

f21b2f3a811f4993a3be874e5cf440d2ede85a9b
SHA256

0ed25ac1dd0fa487a85416d936ba8ee320a3f21ced405328600b6ef8f4bd0f86
SHA512

b573500fb832d86f2c445aa797c52d032723df7371ce85969cea457a5f98a53a8da546ef138470fb08621a079bf77f925f886092dccd284fcca547ed8c5f7eed
SSDEEP

1536:Lmyiq7WuHEqULxlayH2mHMC92hmtaRttM0cWFA0tw:L6eHEFuyH2kX2+abVcWTw

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  0ed25ac1dd0fa487a85416d936ba8ee320a3f21ced405328600b6ef8f4bd0f86
- Size
  
  70KB
- MD5
  
  063c7e06d2a1480945b249d22f10e2ba
- SHA1
  
  f21b2f3a811f4993a3be874e5cf440d2ede85a9b
- SHA256
  
  0ed25ac1dd0fa487a85416d936ba8ee320a3f21ced405328600b6ef8f4bd0f86
- SHA512
  
  b573500fb832d86f2c445aa797c52d032723df7371ce85969cea457a5f98a53a8da546ef138470fb08621a079bf77f925f886092dccd284fcca547ed8c5f7eed
- SSDEEP
  
  1536:Lmyiq7WuHEqULxlayH2mHMC92hmtaRttM0cWFA0tw:L6eHEFuyH2kX2+abVcWTw
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2