558c30858d29e0991ced75c46585178ee0caff2e14665bc895c5ba6aaabae039 | Triage

Sharing

General

Target

558c30858d29e0991ced75c46585178ee0caff2e14665bc895c5ba6aaabae039
Size

312KB
Sample

221029-a1xs9sdhd2
MD5

0e8a0c26b9d7f3a8482421e8dc5a56b0
SHA1

e8b77d1bface68a56f10b0773206fc8f0a7c64ac
SHA256

558c30858d29e0991ced75c46585178ee0caff2e14665bc895c5ba6aaabae039
SHA512

67cb28c74d457e322ac388e072929d69ba4b9495d5230907765bd6b1a1460bcafa36d3913948fda38d538a8814a04aa69981f43bf7ce420b2905edd5bf68462c
SSDEEP

6144:UFlKGsf4i7LwSnMRrbu02uJ79lsJ/3hJPtNQw5eKwY0DN3yiJFkUB2I3jWQP:2i46wz/u02uJ74J/3TDtBwY0DJFBN3yQ

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  558c30858d29e0991ced75c46585178ee0caff2e14665bc895c5ba6aaabae039
- Size
  
  312KB
- MD5
  
  0e8a0c26b9d7f3a8482421e8dc5a56b0
- SHA1
  
  e8b77d1bface68a56f10b0773206fc8f0a7c64ac
- SHA256
  
  558c30858d29e0991ced75c46585178ee0caff2e14665bc895c5ba6aaabae039
- SHA512
  
  67cb28c74d457e322ac388e072929d69ba4b9495d5230907765bd6b1a1460bcafa36d3913948fda38d538a8814a04aa69981f43bf7ce420b2905edd5bf68462c
- SSDEEP
  
  6144:UFlKGsf4i7LwSnMRrbu02uJ79lsJ/3hJPtNQw5eKwY0DN3yiJFkUB2I3jWQP:2i46wz/u02uJ74J/3TDtBwY0DJFBN3yQ
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2