d1d536f3ea391d1083d620dff6919f18e8f3520b62a68381b3aa2d3042fb6ec5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d1d536f3ea391d1083d620dff6919f18e8f3520b62a68381b3aa2d3042fb6ec5
Size

73KB
Sample

221004-d3dpysahcq
MD5

f35ac9f28a1561f1dba8aa52378f68c6
SHA1

90ee56e34849fed0047116f13136a4cf713dd18d
SHA256

d1d536f3ea391d1083d620dff6919f18e8f3520b62a68381b3aa2d3042fb6ec5
SHA512

2977ce9a57f084f517b7e7ab0a7ca1438b8c17d7fdded6eca8abb9087069a2490f81a0ae5b04ab373f6fddb623ad32be56338d6b73f827fc2d9be4cec88d4a3f
SSDEEP

1536:AmZ1kzwz10p27GjV3P1YI2oyzfmgysP6JZCaqjvd8jmlpVci:ANcz1kvyzf9NyWjvd8jmnV

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  d1d536f3ea391d1083d620dff6919f18e8f3520b62a68381b3aa2d3042fb6ec5
- Size
  
  73KB
- MD5
  
  f35ac9f28a1561f1dba8aa52378f68c6
- SHA1
  
  90ee56e34849fed0047116f13136a4cf713dd18d
- SHA256
  
  d1d536f3ea391d1083d620dff6919f18e8f3520b62a68381b3aa2d3042fb6ec5
- SHA512
  
  2977ce9a57f084f517b7e7ab0a7ca1438b8c17d7fdded6eca8abb9087069a2490f81a0ae5b04ab373f6fddb623ad32be56338d6b73f827fc2d9be4cec88d4a3f
- SSDEEP
  
  1536:AmZ1kzwz10p27GjV3P1YI2oyzfmgysP6JZCaqjvd8jmlpVci:ANcz1kvyzf9NyWjvd8jmnV
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2