0ff350994a03055f6cba9f71ccea07c0e9ac1cbcdee8072c41645af2c718c81e | Triage

Sharing

General

Target

0ff350994a03055f6cba9f71ccea07c0e9ac1cbcdee8072c41645af2c718c81e
Size

63KB
Sample

221011-1p2k7agabm
MD5

7ac7fa1d0b8653556b1f773534aaaee0
SHA1

353143b31e48f08c4402f1df9b85d990fff85277
SHA256

0ff350994a03055f6cba9f71ccea07c0e9ac1cbcdee8072c41645af2c718c81e
SHA512

eb74d5141d42f3edfb7377c82c45a593ffb6dd5c4a051b7153c813659fc77e22118e0ff5a3aba4b25bbced9b6f59b817fc550c55d44413948584676975f6ebf7
SSDEEP

1536:wGN7c9SKiGN8fsR1lGyHm5q7yaF4DJxChSG:BySFI8kGyH/yaKVx

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  0ff350994a03055f6cba9f71ccea07c0e9ac1cbcdee8072c41645af2c718c81e
- Size
  
  63KB
- MD5
  
  7ac7fa1d0b8653556b1f773534aaaee0
- SHA1
  
  353143b31e48f08c4402f1df9b85d990fff85277
- SHA256
  
  0ff350994a03055f6cba9f71ccea07c0e9ac1cbcdee8072c41645af2c718c81e
- SHA512
  
  eb74d5141d42f3edfb7377c82c45a593ffb6dd5c4a051b7153c813659fc77e22118e0ff5a3aba4b25bbced9b6f59b817fc550c55d44413948584676975f6ebf7
- SSDEEP
  
  1536:wGN7c9SKiGN8fsR1lGyHm5q7yaF4DJxChSG:BySFI8kGyH/yaKVx
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
- Executes dropped EXE
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2