cff71362dab7e3b7c7bd55830d31f211d561dc7d21bbfee1a216f4f96bfb27ad | Triage

Sharing

General

Target

cff71362dab7e3b7c7bd55830d31f211d561dc7d21bbfee1a216f4f96bfb27ad
Size

707KB
Sample

221106-x47tzaghe4
MD5

08f6787221016ef38abaff7c7418c23d
SHA1

c28219c4867b1f7f06a949acd39d83726d9f7b7b
SHA256

cff71362dab7e3b7c7bd55830d31f211d561dc7d21bbfee1a216f4f96bfb27ad
SHA512

60da549ad9d9c9fdb9dce9a324971f7b9db4a4bf2ef5f5d62e710e8b6b50925a3298a5786d17a89f6fa30715759a57717f64897b1d2da13d80ae433f7f9717e3
SSDEEP

6144:iv27jyGy1/pEli1TQXG3QsE0VdQTQRwvwjvaIy7N:6/Fpl1UXGRVpw4jyIy

Score

8^/10

upx

Malware Config

Targets

- Target
  
  cff71362dab7e3b7c7bd55830d31f211d561dc7d21bbfee1a216f4f96bfb27ad
- Size
  
  707KB
- MD5
  
  08f6787221016ef38abaff7c7418c23d
- SHA1
  
  c28219c4867b1f7f06a949acd39d83726d9f7b7b
- SHA256
  
  cff71362dab7e3b7c7bd55830d31f211d561dc7d21bbfee1a216f4f96bfb27ad
- SHA512
  
  60da549ad9d9c9fdb9dce9a324971f7b9db4a4bf2ef5f5d62e710e8b6b50925a3298a5786d17a89f6fa30715759a57717f64897b1d2da13d80ae433f7f9717e3
- SSDEEP
  
  6144:iv27jyGy1/pEli1TQXG3QsE0VdQTQRwvwjvaIy7N:6/Fpl1UXGRVpw4jyIy
Score

8^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Replication Through Removable Media

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2