f21cbf0ed491d6859de4e2b6b12aa15353cadde5683997a00279bf374430e771 | Triage

Sharing

General

Target

f21cbf0ed491d6859de4e2b6b12aa15353cadde5683997a00279bf374430e771
Size

46KB
Sample

221020-xlxahsaea5
MD5

a001a03a95d4e625aaf678caf56cd3a0
SHA1

ca644278e27b5017693ae2309c5be43b2933122c
SHA256

f21cbf0ed491d6859de4e2b6b12aa15353cadde5683997a00279bf374430e771
SHA512

74e2d3385be18770f5e4dce39731597765001efc796f93f1cb25b97624a0c81725edd5e67e446517af0caadefa117c0990edaca016e4f20aeb5bed47fe2532ca
SSDEEP

768:tanJ7UE+A7gTplJMOYKBYCuvMuGSMGkmxMupps512HVxIbHmVz1jUgisKl4qR:tcL+AUTpldY9CuvMuGakmx1ps512HVSX

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  f21cbf0ed491d6859de4e2b6b12aa15353cadde5683997a00279bf374430e771
- Size
  
  46KB
- MD5
  
  a001a03a95d4e625aaf678caf56cd3a0
- SHA1
  
  ca644278e27b5017693ae2309c5be43b2933122c
- SHA256
  
  f21cbf0ed491d6859de4e2b6b12aa15353cadde5683997a00279bf374430e771
- SHA512
  
  74e2d3385be18770f5e4dce39731597765001efc796f93f1cb25b97624a0c81725edd5e67e446517af0caadefa117c0990edaca016e4f20aeb5bed47fe2532ca
- SSDEEP
  
  768:tanJ7UE+A7gTplJMOYKBYCuvMuGSMGkmxMupps512HVxIbHmVz1jUgisKl4qR:tcL+AUTpldY9CuvMuGakmx1ps512HVSX
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2