815581a8608e09b47044219dacf995283fda3c83893a2cdc0dcf607cc78ec558 | Triage

Sharing

General

Target

815581a8608e09b47044219dacf995283fda3c83893a2cdc0dcf607cc78ec558
Size

78KB
Sample

221107-ks6fjsgga7
MD5

052cf1a5b2e3d3b892a716b9aef55a70
SHA1

1bc73751cbbf19e967abfd7f6a7b4a325a82fe9c
SHA256

815581a8608e09b47044219dacf995283fda3c83893a2cdc0dcf607cc78ec558
SHA512

06a21d519549941b0bbefa0906ac50fd0b27a87263909ed2ff6f8f61e226371ead4687afea9574cdc97faafb23713a0b1d1ebe74f49257f9dc5019c0c1fba127
SSDEEP

1536:GV+rXj8M7RrQR51HCHmnKlX16N625hMYuDEm1lSa47fM16jal88HOo8i2C8i2:J8EE5iHmnKlX1M625hvuDxUa47fM16an

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  815581a8608e09b47044219dacf995283fda3c83893a2cdc0dcf607cc78ec558
- Size
  
  78KB
- MD5
  
  052cf1a5b2e3d3b892a716b9aef55a70
- SHA1
  
  1bc73751cbbf19e967abfd7f6a7b4a325a82fe9c
- SHA256
  
  815581a8608e09b47044219dacf995283fda3c83893a2cdc0dcf607cc78ec558
- SHA512
  
  06a21d519549941b0bbefa0906ac50fd0b27a87263909ed2ff6f8f61e226371ead4687afea9574cdc97faafb23713a0b1d1ebe74f49257f9dc5019c0c1fba127
- SSDEEP
  
  1536:GV+rXj8M7RrQR51HCHmnKlX16N625hMYuDEm1lSa47fM16jal88HOo8i2C8i2:J8EE5iHmnKlX1M625hvuDxUa47fM16an
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2