ea34c7952d8553828006944578d06f61056341b5f388f146f26b0c12a3f1a848 | Triage

Sharing

General

Target

ea34c7952d8553828006944578d06f61056341b5f388f146f26b0c12a3f1a848
Size

142KB
Sample

221004-bf9srsehfm
MD5

3fa39957763b0ff79b6892ce72387d10
SHA1

8acf0b49b74ae78e95e97be61f410811828e4f03
SHA256

ea34c7952d8553828006944578d06f61056341b5f388f146f26b0c12a3f1a848
SHA512

7a054712e0ed4c4ce37d434e82714983e07e1c8f388d0a6a8a2265165685cc19222c6da05962e5cf587d49de3638982204b89edc83a9a84b6c8589793a6cf1ee
SSDEEP

3072:A2DvqxtToYddW29ZJfjkNBE9Vshx8gZuoC96rjW:NDCxB1S29DYrET9R6r6

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  ea34c7952d8553828006944578d06f61056341b5f388f146f26b0c12a3f1a848
- Size
  
  142KB
- MD5
  
  3fa39957763b0ff79b6892ce72387d10
- SHA1
  
  8acf0b49b74ae78e95e97be61f410811828e4f03
- SHA256
  
  ea34c7952d8553828006944578d06f61056341b5f388f146f26b0c12a3f1a848
- SHA512
  
  7a054712e0ed4c4ce37d434e82714983e07e1c8f388d0a6a8a2265165685cc19222c6da05962e5cf587d49de3638982204b89edc83a9a84b6c8589793a6cf1ee
- SSDEEP
  
  3072:A2DvqxtToYddW29ZJfjkNBE9Vshx8gZuoC96rjW:NDCxB1S29DYrET9R6r6
Score

7^/10

persistence
- Deletes itself
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2