c6755c545a7fff41b8189438102f1c776c0494df8413b4db2879933b6fce1f8c | Triage

Sharing

General

Target

c6755c545a7fff41b8189438102f1c776c0494df8413b4db2879933b6fce1f8c
Size

186KB
Sample

221003-qvsv5ahdf6
MD5

68bab678bbf183fc9668707ea9dabb50
SHA1

707fa178034e4d3844b759eb8275525887cff554
SHA256

c6755c545a7fff41b8189438102f1c776c0494df8413b4db2879933b6fce1f8c
SHA512

8a948e2700cc09b1b51334a4b051eac781da984fbd1cce07c71bfd809b03f35e22387e301dd546b3b916f0ad9308b08018e5d3338f1337c51c4c9d8dc1a36f17
SSDEEP

3072:TLbKuZKzXw2RjwkfqrIWUEbskfsmbL9Nn0uNFi+O0xShCzukYr+:LhKDHpwspcb4mn9Nr5OCgCzuBK

Score

8^/10

Malware Config

Targets

- Target
  
  c6755c545a7fff41b8189438102f1c776c0494df8413b4db2879933b6fce1f8c
- Size
  
  186KB
- MD5
  
  68bab678bbf183fc9668707ea9dabb50
- SHA1
  
  707fa178034e4d3844b759eb8275525887cff554
- SHA256
  
  c6755c545a7fff41b8189438102f1c776c0494df8413b4db2879933b6fce1f8c
- SHA512
  
  8a948e2700cc09b1b51334a4b051eac781da984fbd1cce07c71bfd809b03f35e22387e301dd546b3b916f0ad9308b08018e5d3338f1337c51c4c9d8dc1a36f17
- SSDEEP
  
  3072:TLbKuZKzXw2RjwkfqrIWUEbskfsmbL9Nn0uNFi+O0xShCzukYr+:LhKDHpwspcb4mn9Nr5OCgCzuBK
Score

8^/10
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2