715bfd1d5cbc1b3ae597d6d00d9bd94c538d2ab2c4d9fe421ce5f6e8d2d878bf | Triage

Sharing

General

Target

715bfd1d5cbc1b3ae597d6d00d9bd94c538d2ab2c4d9fe421ce5f6e8d2d878bf
Size

180KB
Sample

221003-bgrnksbefk
MD5

0533f7c0b50ca7b4a4ef754e83ebfb50
SHA1

fdd7dfe5a319ab9a0774ffd121cf16255a83e07b
SHA256

715bfd1d5cbc1b3ae597d6d00d9bd94c538d2ab2c4d9fe421ce5f6e8d2d878bf
SHA512

994d69d54751f2996482a0f76df9909a964f667702665b65d84b566d35eae5274a1f3cd73b3019cc4bf66872e754f2cb201efbed4fb862c34648c4561c696b0d
SSDEEP

3072:EURyOdbGgOd1aZmhYDfS5b4vtX9Raq5cVSJu+3/RaSpWIyHXboP:EZOdbGgUay4S5AttR7cUJu4ASAHXboP

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  715bfd1d5cbc1b3ae597d6d00d9bd94c538d2ab2c4d9fe421ce5f6e8d2d878bf
- Size
  
  180KB
- MD5
  
  0533f7c0b50ca7b4a4ef754e83ebfb50
- SHA1
  
  fdd7dfe5a319ab9a0774ffd121cf16255a83e07b
- SHA256
  
  715bfd1d5cbc1b3ae597d6d00d9bd94c538d2ab2c4d9fe421ce5f6e8d2d878bf
- SHA512
  
  994d69d54751f2996482a0f76df9909a964f667702665b65d84b566d35eae5274a1f3cd73b3019cc4bf66872e754f2cb201efbed4fb862c34648c4561c696b0d
- SSDEEP
  
  3072:EURyOdbGgOd1aZmhYDfS5b4vtX9Raq5cVSJu+3/RaSpWIyHXboP:EZOdbGgUay4S5AttR7cUJu4ASAHXboP
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2