30921dec1452e8beba23059ffde675e5a509f3dc902c4a594e062b46ed9e0431 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

30921dec1452e8beba23059ffde675e5a509f3dc902c4a594e062b46ed9e0431
Size

180KB
Sample

221020-2rae6aaab9
MD5

408c1bb0e6b776782fce5d05bafcf211
SHA1

17cda0da8f37a1964b1cedf35b667d3ca322696e
SHA256

30921dec1452e8beba23059ffde675e5a509f3dc902c4a594e062b46ed9e0431
SHA512

9fbfecbba73f03b325d4142758948c2e98c317acae61733451ca3ebed641bf55e2fc679c3560617f3092cfbc5f0372e475555fe552a5122eea325827e639b1f0
SSDEEP

3072:YftffjmNJLdTx0HPNncumAEib3S9nHCFlIRI90+mI:oVfjmNJLdTx0aumYbC9nHC0I904

Score

8^/10

Malware Config

Targets

- Target
  
  30921dec1452e8beba23059ffde675e5a509f3dc902c4a594e062b46ed9e0431
- Size
  
  180KB
- MD5
  
  408c1bb0e6b776782fce5d05bafcf211
- SHA1
  
  17cda0da8f37a1964b1cedf35b667d3ca322696e
- SHA256
  
  30921dec1452e8beba23059ffde675e5a509f3dc902c4a594e062b46ed9e0431
- SHA512
  
  9fbfecbba73f03b325d4142758948c2e98c317acae61733451ca3ebed641bf55e2fc679c3560617f3092cfbc5f0372e475555fe552a5122eea325827e639b1f0
- SSDEEP
  
  3072:YftffjmNJLdTx0HPNncumAEib3S9nHCFlIRI90+mI:oVfjmNJLdTx0aumYbC9nHC0I904
Score

8^/10
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2