86c5df9499a895636348644f1342182f0ae92a90f78308877ee1d1c5cd7acfee | Triage

Sharing

General

Target

86c5df9499a895636348644f1342182f0ae92a90f78308877ee1d1c5cd7acfee
Size

320KB
Sample

221123-q247qsae6s
MD5

139aded90404e7566d4ece8ba1ba43aa
SHA1

95e5454aa03d07d3ff8d6de4fe743d8b6bd41508
SHA256

86c5df9499a895636348644f1342182f0ae92a90f78308877ee1d1c5cd7acfee
SHA512

30ef9e4de12713bdb808229edfba05e0561a2126bb7df8d1917ea9c868ced8bd462284a460dbe6405971725b8eff9b8cad2833ebc384cbfbc604ddac259a6bc0
SSDEEP

6144:R7NyWYhRghGq/998Ox2qf9QbmsrQIvKLnLjH9JXE9v2xkJwJuP8D:R7NyWYhRghGq/998Ox99emsrcLZ9u2xP

Score

8^/10

Malware Config

Targets

- Target
  
  86c5df9499a895636348644f1342182f0ae92a90f78308877ee1d1c5cd7acfee
- Size
  
  320KB
- MD5
  
  139aded90404e7566d4ece8ba1ba43aa
- SHA1
  
  95e5454aa03d07d3ff8d6de4fe743d8b6bd41508
- SHA256
  
  86c5df9499a895636348644f1342182f0ae92a90f78308877ee1d1c5cd7acfee
- SHA512
  
  30ef9e4de12713bdb808229edfba05e0561a2126bb7df8d1917ea9c868ced8bd462284a460dbe6405971725b8eff9b8cad2833ebc384cbfbc604ddac259a6bc0
- SSDEEP
  
  6144:R7NyWYhRghGq/998Ox2qf9QbmsrQIvKLnLjH9JXE9v2xkJwJuP8D:R7NyWYhRghGq/998Ox99emsrcLZ9u2xP
Score

8^/10
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2