dff962db896b405ad5e252d2dbfbdf1662fc0aa636840061e5771d31268fd340 | Triage

Sharing

General

Target

dff962db896b405ad5e252d2dbfbdf1662fc0aa636840061e5771d31268fd340
Size

116KB
Sample

221020-m5vwpaagcq
MD5

9023403687bcdf660df5e4735995e8c9
SHA1

d3ef3496032f9ff478b7a7bf02677ff2551e6754
SHA256

dff962db896b405ad5e252d2dbfbdf1662fc0aa636840061e5771d31268fd340
SHA512

f82d66568c67bf30d08eb273c5101ea91480ce174546fdd3974a6cb0ace3a13a1dffaa696a46338aaf6e3ca1dacd21b194bffb0223b1daafd8798b854db93bd9
SSDEEP

3072:at3ZKuep0dR49SaKj4VAHLL7BoYt7JeroKnJBxlP:2Q7G/BoYtNeroKHz

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  dff962db896b405ad5e252d2dbfbdf1662fc0aa636840061e5771d31268fd340
- Size
  
  116KB
- MD5
  
  9023403687bcdf660df5e4735995e8c9
- SHA1
  
  d3ef3496032f9ff478b7a7bf02677ff2551e6754
- SHA256
  
  dff962db896b405ad5e252d2dbfbdf1662fc0aa636840061e5771d31268fd340
- SHA512
  
  f82d66568c67bf30d08eb273c5101ea91480ce174546fdd3974a6cb0ace3a13a1dffaa696a46338aaf6e3ca1dacd21b194bffb0223b1daafd8798b854db93bd9
- SSDEEP
  
  3072:at3ZKuep0dR49SaKj4VAHLL7BoYt7JeroKnJBxlP:2Q7G/BoYtNeroKHz
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2