dc590a98f635fb47b661a86d46031f7d9323287347e3d720c82e733b31c05d56 | Triage

Sharing

General

Target

dc590a98f635fb47b661a86d46031f7d9323287347e3d720c82e733b31c05d56
Size

24KB
Sample

221011-hbns3aacf5
MD5

6a683bf5a907cf81bde683c80c08c161
SHA1

125957af4f965a230e9c02a0352df42de0d1503b
SHA256

dc590a98f635fb47b661a86d46031f7d9323287347e3d720c82e733b31c05d56
SHA512

c2a7a016b272cf7aab8cb5a3eef58650adfbc734ab6d445894d6efb1ffd21a133ce8fbbcb8eaa58ee64fce6e8c223fa877400139778c6a7d6844dddc9c93bf1b
SSDEEP

384:i3SiXvoKLOQRckvzUg64WiJKIi0FfRRurbGVMR9CHom7:i3Si/otCIgNdzNS/G0CHb

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  dc590a98f635fb47b661a86d46031f7d9323287347e3d720c82e733b31c05d56
- Size
  
  24KB
- MD5
  
  6a683bf5a907cf81bde683c80c08c161
- SHA1
  
  125957af4f965a230e9c02a0352df42de0d1503b
- SHA256
  
  dc590a98f635fb47b661a86d46031f7d9323287347e3d720c82e733b31c05d56
- SHA512
  
  c2a7a016b272cf7aab8cb5a3eef58650adfbc734ab6d445894d6efb1ffd21a133ce8fbbcb8eaa58ee64fce6e8c223fa877400139778c6a7d6844dddc9c93bf1b
- SSDEEP
  
  384:i3SiXvoKLOQRckvzUg64WiJKIi0FfRRurbGVMR9CHom7:i3Si/otCIgNdzNS/G0CHb
Score

8^/10

persistence
- Blocklisted process makes network request
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2