5d7d4cefb71d5689941869f0899c9ce4272055b090e7e400f49a8bac7f83f38b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d7d4cefb71d5689941869f0899c9ce4272055b090e7e400f49a8bac7f83f38b
Size

308KB
Sample

221030-gyphfafbh4
MD5

929e8980e08b918a6a5612a861ecb0fa
SHA1

25c6048b7259f48fc238601591c031b96c47111f
SHA256

5d7d4cefb71d5689941869f0899c9ce4272055b090e7e400f49a8bac7f83f38b
SHA512

39472b2465b493b3cb4ae8300071d80106f88aab4f6c71ad63ddbd5fcb437bb8a3e9cfa011ab0a837c2373fd22197704b9f873da1ffca9efa0c8d3f6acf3618d
SSDEEP

6144:8toCLy7vQy+uxvyRzL83I3DzT1/Qw8kCAHpcLHVat281xEO4/mE:o8DQhRLl3zWwz0HVk2yEdm

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  5d7d4cefb71d5689941869f0899c9ce4272055b090e7e400f49a8bac7f83f38b
- Size
  
  308KB
- MD5
  
  929e8980e08b918a6a5612a861ecb0fa
- SHA1
  
  25c6048b7259f48fc238601591c031b96c47111f
- SHA256
  
  5d7d4cefb71d5689941869f0899c9ce4272055b090e7e400f49a8bac7f83f38b
- SHA512
  
  39472b2465b493b3cb4ae8300071d80106f88aab4f6c71ad63ddbd5fcb437bb8a3e9cfa011ab0a837c2373fd22197704b9f873da1ffca9efa0c8d3f6acf3618d
- SSDEEP
  
  6144:8toCLy7vQy+uxvyRzL83I3DzT1/Qw8kCAHpcLHVat281xEO4/mE:o8DQhRLl3zWwz0HVk2yEdm
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2