7ace94e97c544a9fa8b5221a3eee72dc2d8d3448466735b97f40f01b2f76a050 | Triage

Sharing

General

Target

7ace94e97c544a9fa8b5221a3eee72dc2d8d3448466735b97f40f01b2f76a050
Size

338KB
Sample

221107-kmpwlsaggn
MD5

098e80a73bd4a24a25dbca4ef7da93d0
SHA1

1e945a897b4dea79512b890319ec7bf7c409320a
SHA256

7ace94e97c544a9fa8b5221a3eee72dc2d8d3448466735b97f40f01b2f76a050
SHA512

b235167c7641525bf31bcdf8527eb70df9a375953fce88857e1bb9cb9a3332cbbab1b7d1540bd72d9582ccc060e4804b46aaa6ffeeef38ff02b5bd0220fff04b
SSDEEP

3072:ciglMiglQiglO1eCteCa8NxZ7DGo51HFcXZ:cig2igKig4oeeR8vNj3HWp

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  7ace94e97c544a9fa8b5221a3eee72dc2d8d3448466735b97f40f01b2f76a050
- Size
  
  338KB
- MD5
  
  098e80a73bd4a24a25dbca4ef7da93d0
- SHA1
  
  1e945a897b4dea79512b890319ec7bf7c409320a
- SHA256
  
  7ace94e97c544a9fa8b5221a3eee72dc2d8d3448466735b97f40f01b2f76a050
- SHA512
  
  b235167c7641525bf31bcdf8527eb70df9a375953fce88857e1bb9cb9a3332cbbab1b7d1540bd72d9582ccc060e4804b46aaa6ffeeef38ff02b5bd0220fff04b
- SSDEEP
  
  3072:ciglMiglQiglO1eCteCa8NxZ7DGo51HFcXZ:cig2igKig4oeeR8vNj3HWp
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2