f0e8ccd2f98ef6f6a4cf2282853e6418a8f3a8873d4eb7d25c5ff20b284d7414 | Triage

Sharing

General

Target

Document.zip
Size

5.7MB
Sample

221012-wsrsyaegh3
MD5

00fe7c67c2f28e38cbbd95ad1c38ad82
SHA1

0de5c048ba27623904a62171682d38e22495b872
SHA256

f0e8ccd2f98ef6f6a4cf2282853e6418a8f3a8873d4eb7d25c5ff20b284d7414
SHA512

f45df1fef179701333a1fde4a133e4a12b2d64f86f1fc0766af2817f97bb6770e05d4cb881650d0891c63dcd815cd38fb99c78dee00ec7ce3734541fe2913896
SSDEEP

98304:THBDWThB8SStGYh6wmkQFZjseH2cjH//HKcExP4HrgvNSodXI/T+Okr242i:rJwzNSt+ZkUZ5HHj3KcmACMTDK

Score

8^/10

Malware Config

Targets

- Target
  
  Document.zip
- Size
  
  5.7MB
- MD5
  
  00fe7c67c2f28e38cbbd95ad1c38ad82
- SHA1
  
  0de5c048ba27623904a62171682d38e22495b872
- SHA256
  
  f0e8ccd2f98ef6f6a4cf2282853e6418a8f3a8873d4eb7d25c5ff20b284d7414
- SHA512
  
  f45df1fef179701333a1fde4a133e4a12b2d64f86f1fc0766af2817f97bb6770e05d4cb881650d0891c63dcd815cd38fb99c78dee00ec7ce3734541fe2913896
- SSDEEP
  
  98304:THBDWThB8SStGYh6wmkQFZjseH2cjH//HKcExP4HrgvNSodXI/T+Okr242i:rJwzNSt+ZkUZ5HHj3KcmACMTDK
Score

1^/10
behavioral1 behavioral2
- Target
  
  file.iso
- Size
  
  6.0MB
- MD5
  
  e1e9ac408a47b99a37188d22b50905d8
- SHA1
  
  2a38bc508a5549c68d1817f2d7bac95cdfb57b54
- SHA256
  
  857bf238a4efbb5f6352f0467e29c1ef4fecbdf3bcb0f0461da9da80a7c0e842
- SHA512
  
  afa8a5ad6c69b086f3f0d53b45f44264b2d25dea09c97ce193194d2f7b6844f802c8b4d591e7bb61e17c66eb74517bbcd4971a214ddcb9e7cc94115c1e156bc5
- SSDEEP
  
  98304:XAC9AGDm8MytOY9woKC4BDBwWlKylZ/FxCeMxlGV9GZRik9VI5TMwGP2KEg:h9mzytc/CKDllTllCeue6STzA
Score

3^/10
behavioral3 behavioral4
- Target
  
  Document.lnk
- Size
  
  1KB
- MD5
  
  010cfd3c8c69c8fbd7ee6850b4631c1e
- SHA1
  
  f01f0fdd639c7dd1213ab90bd7c9f2a7f7bec4a9
- SHA256
  
  08e117ae6ef996ecdd65f19a62ab280a72db6c60d3453523916d77f60290896e
- SHA512
  
  347b0d690310f58d1099f0a104fa523a0d42888fc4c28e4e7d7c294590dbbc9546f771900b68084c33cb76a5aef45ea312f8b6f098e141a1fa79f39f12a7b37b
Score

3^/10
behavioral5 behavioral6
- Target
  
  file.bat
- Size
  
  121B
- MD5
  
  f2dfe2d042da18133306eed955367273
- SHA1
  
  430ea7ed2c8fdfcd86d908c349e69e135b08cff8
- SHA256
  
  c7509974ecff20140e027d4212c996dc32ecbec7f13c03ff85f82286df6a01e7
- SHA512
  
  4df232226b4f5498ab17a1b9761ebba375975bc9cabe41636e99e1ec738379e64524197c90ba167ef3473ed42890e302e2a2e3dabfc6be595a814d2c64bb1426
Score

8^/10
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral7 behavioral8

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8