8459751ec7f8dba27ecd26faf30a12f217f3d1836b826e12b123ff41130c183f | Triage

Sharing

General

Target

Quotation.exe
Size

824KB
Sample

221123-rpqz1shb77
MD5

ccdc5d5563b97de3901a4a0e01d8017d
SHA1

b4cc889fb06fb04da14496a2a5bee6edcf9e3322
SHA256

8459751ec7f8dba27ecd26faf30a12f217f3d1836b826e12b123ff41130c183f
SHA512

6541c813664c877a59f9f7ef5b49ae7689093361e6b6241cdb3db3569137cf82cca87ee84df3b610df745612e6594fb94f85e009c2c3c6891d942f1a681e44b5
SSDEEP

12288:3wCBtLC+EptUpQ9SeSChq3YvxFBSSRMT8PTp4ihozE8888888888888W8888888J:jNzCtUpQ9WWPBSSRMTEpXNO

Score

7^/10

Malware Config

Targets

- Target
  
  Quotation.exe
- Size
  
  824KB
- MD5
  
  ccdc5d5563b97de3901a4a0e01d8017d
- SHA1
  
  b4cc889fb06fb04da14496a2a5bee6edcf9e3322
- SHA256
  
  8459751ec7f8dba27ecd26faf30a12f217f3d1836b826e12b123ff41130c183f
- SHA512
  
  6541c813664c877a59f9f7ef5b49ae7689093361e6b6241cdb3db3569137cf82cca87ee84df3b610df745612e6594fb94f85e009c2c3c6891d942f1a681e44b5
- SSDEEP
  
  12288:3wCBtLC+EptUpQ9SeSChq3YvxFBSSRMT8PTp4ihozE8888888888888W8888888J:jNzCtUpQ9WWPBSSRMTEpXNO
Score

7^/10
- Drops startup file
- Loads dropped DLL
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Replication Through Removable Media

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2