813405f2ccb554b4098235b44606aa484902412788803fb4823de97f44a61a8a | Triage

Sharing

General

Target

813405f2ccb554b4098235b44606aa484902412788803fb4823de97f44a61a8a
Size

39KB
Sample

221003-msmdsacfc7
MD5

51caef281786a66c054ed43fff6ba17e
SHA1

35dce1f749ce275d95929f9970fc465885442300
SHA256

813405f2ccb554b4098235b44606aa484902412788803fb4823de97f44a61a8a
SHA512

5c7aed017cf72ae5b9530fca35ea86a5745862865b76e3318c6ce34baa78182d46e17360930f3fa1c94765dfd7f410eaf29162fa43cf6ed3330ed4ba99d8092f
SSDEEP

768:M+MXzB9PajBvMlTCvTGe8HErrK5/yy7VWGeLIhtOf2wLOtjPTR6MQy/Wg/:qXzB9Paj5zv1brmay7VWGeueLyPP/v

Score

7^/10

Malware Config

Targets

- Target
  
  1_nas2022-NAS管理-rw.exe
- Size
  
  81KB
- MD5
  
  6a9c1fd245ee2350ee7f1e27a36fb0ff
- SHA1
  
  4b3e3d9fb614ac6a82c689112d9f237bff06d1bd
- SHA256
  
  b45a262789e9f238dc8c00b9640db1c40b4cc08ceb365ddff53b946ff85d9dd8
- SHA512
  
  51146e59fe8c191bb9881d67b4d5551355ec5fdbdf64363daa0490ef22054d30df661f1d576754a3128946f16ad18fd0fd9f2b6243d4a6d4593ad6de8f264bed
- SSDEEP
  
  768:LRV8cOu2NOSnJLnRF8vpSOQmiqLBbBC2Kb8l9hVh2+E4AHwc/o+9IHqHYDZhYWFz:rBmOSn+MOQBqNbHKQ3hfEXN8
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2