8b2848db25a00f645822f12ccbb2c656d01b40d65987ad6350434306adb62ecc | Triage

Sharing

General

Target

8b2848db25a00f645822f12ccbb2c656d01b40d65987ad6350434306adb62ecc
Size

78KB
Sample

221003-23z5ysbdgr
MD5

4c945719abadac53692359c0e1be80f0
SHA1

48052fd7499fe8b1e7da7418c71550dba6897605
SHA256

8b2848db25a00f645822f12ccbb2c656d01b40d65987ad6350434306adb62ecc
SHA512

0a1053ec3d7b07951c8effce553e9a455e2673841ec8880d5d310b31ce3d2eb35635e371b9ad02ebd39d25d1f3f7542015c1ee4aaebc2ad54f9914330433d6c9
SSDEEP

1536:g0qfWT5MXE8hzFJw+pFr0qfWT5MB7NsP6JRHFoaUxra6H:bwWT5gtzTrpFIwWT5m7ay7FX8HH

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  8b2848db25a00f645822f12ccbb2c656d01b40d65987ad6350434306adb62ecc
- Size
  
  78KB
- MD5
  
  4c945719abadac53692359c0e1be80f0
- SHA1
  
  48052fd7499fe8b1e7da7418c71550dba6897605
- SHA256
  
  8b2848db25a00f645822f12ccbb2c656d01b40d65987ad6350434306adb62ecc
- SHA512
  
  0a1053ec3d7b07951c8effce553e9a455e2673841ec8880d5d310b31ce3d2eb35635e371b9ad02ebd39d25d1f3f7542015c1ee4aaebc2ad54f9914330433d6c9
- SSDEEP
  
  1536:g0qfWT5MXE8hzFJw+pFr0qfWT5MB7NsP6JRHFoaUxra6H:bwWT5gtzTrpFIwWT5m7ay7FX8HH
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2