7189cd2b161fe4d14a91ab400a05d1e8063e8036b7dc8350d5220a087f25e8d3 | Triage

Sharing

General

Target

7189cd2b161fe4d14a91ab400a05d1e8063e8036b7dc8350d5220a087f25e8d3
Size

140KB
Sample

221121-j5p4naba29
MD5

30c9f722ccbea4c42e27b6c50d48228c
SHA1

d623667873e643230eb72c9dc7bc814495bd9ec7
SHA256

7189cd2b161fe4d14a91ab400a05d1e8063e8036b7dc8350d5220a087f25e8d3
SHA512

148af65cdb67086ceee093d0fc53fd5c1e5ee376dd7b6b4e1abce645f38b0ff39f8e66c851a052f4ad5e1d1147aa2070ffe1b827053e0eb8a373b9c901e09327
SSDEEP

3072:UKf3wRqQxKFxnsRcaClKZE5khxQfX3r9V:DPecxTgZE5kfQZV

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  7189cd2b161fe4d14a91ab400a05d1e8063e8036b7dc8350d5220a087f25e8d3
- Size
  
  140KB
- MD5
  
  30c9f722ccbea4c42e27b6c50d48228c
- SHA1
  
  d623667873e643230eb72c9dc7bc814495bd9ec7
- SHA256
  
  7189cd2b161fe4d14a91ab400a05d1e8063e8036b7dc8350d5220a087f25e8d3
- SHA512
  
  148af65cdb67086ceee093d0fc53fd5c1e5ee376dd7b6b4e1abce645f38b0ff39f8e66c851a052f4ad5e1d1147aa2070ffe1b827053e0eb8a373b9c901e09327
- SSDEEP
  
  3072:UKf3wRqQxKFxnsRcaClKZE5khxQfX3r9V:DPecxTgZE5kfQZV
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2