1549cf706a1cf079b703808c86427c46b508717f90c2b865f30bbfbbe77e3c9a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1549cf706a1cf079b703808c86427c46b508717f90c2b865f30bbfbbe77e3c9a
Size

349KB
Sample

221106-w6r1vshfbq
MD5

0748ab358a35fc8d4595dc3d4a8f8790
SHA1

0a8decbb0de31085414d04eb74143dd8cd012327
SHA256

1549cf706a1cf079b703808c86427c46b508717f90c2b865f30bbfbbe77e3c9a
SHA512

06f9de239c7f2bb43e2af2ec3ef69dbd969ccf767a60759f3966e753e5406c11ee67a797220b77e37f9b2edd1e0063f86d924a71e28036a75a6af87bfe57d023
SSDEEP

6144:p9NW40bKvfNHvJJ4q5kYoVNAHvditx5sxj3pix3+dC5ONWIWCF9lSde4uGUBKEi:p984hfNPUngvx9ixOdFoIWCblo3nE

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  1549cf706a1cf079b703808c86427c46b508717f90c2b865f30bbfbbe77e3c9a
- Size
  
  349KB
- MD5
  
  0748ab358a35fc8d4595dc3d4a8f8790
- SHA1
  
  0a8decbb0de31085414d04eb74143dd8cd012327
- SHA256
  
  1549cf706a1cf079b703808c86427c46b508717f90c2b865f30bbfbbe77e3c9a
- SHA512
  
  06f9de239c7f2bb43e2af2ec3ef69dbd969ccf767a60759f3966e753e5406c11ee67a797220b77e37f9b2edd1e0063f86d924a71e28036a75a6af87bfe57d023
- SSDEEP
  
  6144:p9NW40bKvfNHvJJ4q5kYoVNAHvditx5sxj3pix3+dC5ONWIWCF9lSde4uGUBKEi:p984hfNPUngvx9ixOdFoIWCblo3nE
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2