fb4b3f08a5cfbae0a41450abfbbe7eacaa3e0d01aeb06300528073cf7dc84fae | Triage

Sharing

General

Target

fb4b3f08a5cfbae0a41450abfbbe7eacaa3e0d01aeb06300528073cf7dc84fae
Size

508KB
Sample

221123-vghv8aha26
MD5

42efd0d148945e8d5eeda95cef948ca0
SHA1

6a8b7f5b1e6327f293c6a055dcdb6e8ea696a4e1
SHA256

fb4b3f08a5cfbae0a41450abfbbe7eacaa3e0d01aeb06300528073cf7dc84fae
SHA512

bfbebd25519c47142d413b4c47e2b2852f010505fdd4c47257f6a81f264a44a79e50a4e5b34dc8ab67a0fdd541b8528e0d0dfa7cd9dd9c98cddaa6e965cd9614
SSDEEP

6144:TzASfB+BhEjoBfLdbNVOY5LY9CsDykwXNMWAi3cuOjyLDWCa6P58Rt3qgDHt5FsH:PZohjbbHOY5c9CsDrgMLiMuf8k

Score

8^/10

Malware Config

Targets

- Target
  
  fb4b3f08a5cfbae0a41450abfbbe7eacaa3e0d01aeb06300528073cf7dc84fae
- Size
  
  508KB
- MD5
  
  42efd0d148945e8d5eeda95cef948ca0
- SHA1
  
  6a8b7f5b1e6327f293c6a055dcdb6e8ea696a4e1
- SHA256
  
  fb4b3f08a5cfbae0a41450abfbbe7eacaa3e0d01aeb06300528073cf7dc84fae
- SHA512
  
  bfbebd25519c47142d413b4c47e2b2852f010505fdd4c47257f6a81f264a44a79e50a4e5b34dc8ab67a0fdd541b8528e0d0dfa7cd9dd9c98cddaa6e965cd9614
- SSDEEP
  
  6144:TzASfB+BhEjoBfLdbNVOY5LY9CsDykwXNMWAi3cuOjyLDWCa6P58Rt3qgDHt5FsH:PZohjbbHOY5c9CsDrgMLiMuf8k
Score

8^/10
- Drops file in Drivers directory
- Executes dropped EXE
- Drops startup file
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2