3e1668158038ba8891424550de13c24cc327a64fd4934cf2f827fc97a3c0733a | Triage

Sharing

General

Target

3e1668158038ba8891424550de13c24cc327a64fd4934cf2f827fc97a3c0733a
Size

20.8MB
Sample

221123-k3z2hsde2w
MD5

47a228460148d0dc9cb7f6287505ca05
SHA1

5a4876ecd86ca9bbd78663a92a4e32647cab2256
SHA256

3e1668158038ba8891424550de13c24cc327a64fd4934cf2f827fc97a3c0733a
SHA512

4dffa7404fb1629e273d614db8c75842d3950f2e1ac4bc461531a4abe240fa6818dfe6eb3735a56e26d8818ed629972a6202b88207dcab5b018aa0b7a691471c
SSDEEP

393216:1gXgeaQPgvG9Nb83YANGjpvO57USqm8/IJFWJHW5TpPTiwbXq18X7yo:MjQUOoANKv47Rqm8A15TIwbLXuo

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  3e1668158038ba8891424550de13c24cc327a64fd4934cf2f827fc97a3c0733a
- Size
  
  20.8MB
- MD5
  
  47a228460148d0dc9cb7f6287505ca05
- SHA1
  
  5a4876ecd86ca9bbd78663a92a4e32647cab2256
- SHA256
  
  3e1668158038ba8891424550de13c24cc327a64fd4934cf2f827fc97a3c0733a
- SHA512
  
  4dffa7404fb1629e273d614db8c75842d3950f2e1ac4bc461531a4abe240fa6818dfe6eb3735a56e26d8818ed629972a6202b88207dcab5b018aa0b7a691471c
- SSDEEP
  
  393216:1gXgeaQPgvG9Nb83YANGjpvO57USqm8/IJFWJHW5TpPTiwbXq18X7yo:MjQUOoANKv47Rqm8A15TIwbLXuo
Score

8^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2