b5d759aa0d31db7796fbebfe6e6d676a8618dad806938470df5a8b7f93dc2603 | Triage

Sharing

General

Target

b5d759aa0d31db7796fbebfe6e6d676a8618dad806938470df5a8b7f93dc2603
Size

118KB
Sample

221030-z7qe7sccbp
MD5

82e4ef9ff404575a62da35dc95331e17
SHA1

d06292eaa5c16d1b96cc8013092fdec195490935
SHA256

b5d759aa0d31db7796fbebfe6e6d676a8618dad806938470df5a8b7f93dc2603
SHA512

d4da42fc56ddf8a2ce2d9c1ab9676c5d11ccd0e1d7eec49d1ad3012a171793fcf1edbc8b76941547702d0f9cb510d806678cc1efb245ce408ab26f87f052c06b
SSDEEP

1536:A1WQg9RugdkRn+wTlk+Y8ijD0mFEZBrkAi:XQgDpdc+w1nif0mFCtJ

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  b5d759aa0d31db7796fbebfe6e6d676a8618dad806938470df5a8b7f93dc2603
- Size
  
  118KB
- MD5
  
  82e4ef9ff404575a62da35dc95331e17
- SHA1
  
  d06292eaa5c16d1b96cc8013092fdec195490935
- SHA256
  
  b5d759aa0d31db7796fbebfe6e6d676a8618dad806938470df5a8b7f93dc2603
- SHA512
  
  d4da42fc56ddf8a2ce2d9c1ab9676c5d11ccd0e1d7eec49d1ad3012a171793fcf1edbc8b76941547702d0f9cb510d806678cc1efb245ce408ab26f87f052c06b
- SSDEEP
  
  1536:A1WQg9RugdkRn+wTlk+Y8ijD0mFEZBrkAi:XQgDpdc+w1nif0mFCtJ
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2