9c1c35e1b6ff2c00db8250db7894ed0601d672ec239415517987d1f5d95b10d0 | Triage

Sharing

General

Target

9c1c35e1b6ff2c00db8250db7894ed0601d672ec239415517987d1f5d95b10d0
Size

77KB
Sample

221123-qtxspahh3y
MD5

d8af52f111e94f1df960899896176494
SHA1

9a1079f5abbae35b29f61806f4a7163e0b868978
SHA256

9c1c35e1b6ff2c00db8250db7894ed0601d672ec239415517987d1f5d95b10d0
SHA512

b71deff1e2e40ec8c98688c8fe5026510b363c3787deb6c75920c0e7804b522a3cc4c2becbe83b434668eec3c89b14350a59b13de33df2d41acd72d2087dbc35
SSDEEP

1536:QtiHBqrceXjdKUhp3wZBBPIjUHMmm5R4Wf+c:QYHB0j/X3wZHPGUHMmUKG+c

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  9c1c35e1b6ff2c00db8250db7894ed0601d672ec239415517987d1f5d95b10d0
- Size
  
  77KB
- MD5
  
  d8af52f111e94f1df960899896176494
- SHA1
  
  9a1079f5abbae35b29f61806f4a7163e0b868978
- SHA256
  
  9c1c35e1b6ff2c00db8250db7894ed0601d672ec239415517987d1f5d95b10d0
- SHA512
  
  b71deff1e2e40ec8c98688c8fe5026510b363c3787deb6c75920c0e7804b522a3cc4c2becbe83b434668eec3c89b14350a59b13de33df2d41acd72d2087dbc35
- SSDEEP
  
  1536:QtiHBqrceXjdKUhp3wZBBPIjUHMmm5R4Wf+c:QYHB0j/X3wZHPGUHMmUKG+c
Score

8^/10

evasion persistence
- Modifies Windows Firewall
  evasion
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence