15f087a2eed128bc76f0bd8236b5f09d693d2b8a3726c7fa81af9083ecf2407a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15f087a2eed128bc76f0bd8236b5f09d693d2b8a3726c7fa81af9083ecf2407a
Size

195KB
Sample

221028-w4ggcaacd3
MD5

0c92e7efee45b67046dc912394006977
SHA1

54dbc7393baf4b32be69d1f1727cb4569d0b505e
SHA256

15f087a2eed128bc76f0bd8236b5f09d693d2b8a3726c7fa81af9083ecf2407a
SHA512

95f94d61d411a9820a982040f0ce6fd86961dd99e82efca25c12b53aadbf9cb69d8f3fceb88a8296a63822564a8e9ddd16facac0c1edf955120e8e81ad76d2d2
SSDEEP

3072:PLtaY46tGNttyJQ7KRcUchpxfjTzYE9a6bDSHe2doqV0/F5gjYVo7D2dS11lbzfr:L46tGdyOVLk96bDMe2mqVzNudSNbzam9

Score

8^/10

Malware Config

Targets

- Target
  
  15f087a2eed128bc76f0bd8236b5f09d693d2b8a3726c7fa81af9083ecf2407a
- Size
  
  195KB
- MD5
  
  0c92e7efee45b67046dc912394006977
- SHA1
  
  54dbc7393baf4b32be69d1f1727cb4569d0b505e
- SHA256
  
  15f087a2eed128bc76f0bd8236b5f09d693d2b8a3726c7fa81af9083ecf2407a
- SHA512
  
  95f94d61d411a9820a982040f0ce6fd86961dd99e82efca25c12b53aadbf9cb69d8f3fceb88a8296a63822564a8e9ddd16facac0c1edf955120e8e81ad76d2d2
- SSDEEP
  
  3072:PLtaY46tGNttyJQ7KRcUchpxfjTzYE9a6bDSHe2doqV0/F5gjYVo7D2dS11lbzfr:L46tGdyOVLk96bDMe2mqVzNudSNbzam9
Score

8^/10
- Drops file in Drivers directory
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2