7121766b81943e7c17aea5e7d59b1d512d383f9b31d0042e168ac2a189232d76 | Triage

Resubmissions

26-10-2022 19:07

221026-xswmkagfg8 8

Sharing

General

Target

Worms.Armageddon.Plus.1.1.2a.exe
Size

27.1MB
Sample

221026-xswmkagfg8
MD5

0a3fcb95fe99c5e8684bd9246630cc78
SHA1

2b4335c921eb7f937e0ed1cb2f1382689f5a8aaa
SHA256

7121766b81943e7c17aea5e7d59b1d512d383f9b31d0042e168ac2a189232d76
SHA512

dd142051d9733bc390b3af51c784b5d11edd54c35f57aaf56c85fbed5617c1ab69a047f7af1d7fd9b1184e1e38f50e52e6771eb1c6a1a1341a8bf5ee753a8734
SSDEEP

786432:GEmnc/0ex2d6fbcm6B78/Ps6clv4/+BZcWf:jI6s8XalvCQKWf

Score

8^/10

Malware Config

Targets

- Target
  
  Worms.Armageddon.Plus.1.1.2a.exe
- Size
  
  27.1MB
- MD5
  
  0a3fcb95fe99c5e8684bd9246630cc78
- SHA1
  
  2b4335c921eb7f937e0ed1cb2f1382689f5a8aaa
- SHA256
  
  7121766b81943e7c17aea5e7d59b1d512d383f9b31d0042e168ac2a189232d76
- SHA512
  
  dd142051d9733bc390b3af51c784b5d11edd54c35f57aaf56c85fbed5617c1ab69a047f7af1d7fd9b1184e1e38f50e52e6771eb1c6a1a1341a8bf5ee753a8734
- SSDEEP
  
  786432:GEmnc/0ex2d6fbcm6B78/Ps6clv4/+BZcWf:jI6s8XalvCQKWf
Score

8^/10
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2