af86e77eb83a65bb53333f7663b3f2a47da1c4d3d4b95f4fa1b1c5e1ebf58929 | Triage

Sharing

General

Target

af86e77eb83a65bb53333f7663b3f2a47da1c4d3d4b95f4fa1b1c5e1ebf58929
Size

35KB
Sample

221014-mwkz5abhd6
MD5

068139e4017f63386600b7b41cdffcd7
SHA1

55d45f4e0f70af0347730ab8bb8e236ae7b754fc
SHA256

af86e77eb83a65bb53333f7663b3f2a47da1c4d3d4b95f4fa1b1c5e1ebf58929
SHA512

fc945666a752d05b414ae04c461b54a8d072921d400e967c4b77c89ade60c5fa38bc434b43c95ad6a4220ec97fac30aee601b9c346490e9219412cc730a4b8a6
SSDEEP

384:A43bWrsOgpTANQx+vNivXrNylSW7DRq2mBcdkGLn9g7iqis9QlcffyqoeEdQ/Nb/:nbVbg1ivyhIcdsisKl4qTNAb229

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  af86e77eb83a65bb53333f7663b3f2a47da1c4d3d4b95f4fa1b1c5e1ebf58929
- Size
  
  35KB
- MD5
  
  068139e4017f63386600b7b41cdffcd7
- SHA1
  
  55d45f4e0f70af0347730ab8bb8e236ae7b754fc
- SHA256
  
  af86e77eb83a65bb53333f7663b3f2a47da1c4d3d4b95f4fa1b1c5e1ebf58929
- SHA512
  
  fc945666a752d05b414ae04c461b54a8d072921d400e967c4b77c89ade60c5fa38bc434b43c95ad6a4220ec97fac30aee601b9c346490e9219412cc730a4b8a6
- SSDEEP
  
  384:A43bWrsOgpTANQx+vNivXrNylSW7DRq2mBcdkGLn9g7iqis9QlcffyqoeEdQ/Nb/:nbVbg1ivyhIcdsisKl4qTNAb229
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2