e35baf8b62cf39b0bc9b5c8dded4f6d62122048cbcebd64177ef42848103813d | Triage

Sharing

General

Target

e35baf8b62cf39b0bc9b5c8dded4f6d62122048cbcebd64177ef42848103813d
Size

1.5MB
Sample

221123-vk6rfscc2s
MD5

c3c70bf5f117f610bbcde9f0c10b5a92
SHA1

04f8112cde3fa797348896a3bc3c8c401680f7bd
SHA256

e35baf8b62cf39b0bc9b5c8dded4f6d62122048cbcebd64177ef42848103813d
SHA512

e8fb8338a285967d7808d171433244ab6e2cfb97576c2fb628adf4dc2b36e39ffba478f514707a128a0c35b8523f98c4bf382864607ad468cf47adb7bd006bda
SSDEEP

6144:oFzclWnzp5DFV0FuS5hPGR/CnA1G+Ghgav/06hyTuM:4cURxR/CnA0rhgaJy

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  e35baf8b62cf39b0bc9b5c8dded4f6d62122048cbcebd64177ef42848103813d
- Size
  
  1.5MB
- MD5
  
  c3c70bf5f117f610bbcde9f0c10b5a92
- SHA1
  
  04f8112cde3fa797348896a3bc3c8c401680f7bd
- SHA256
  
  e35baf8b62cf39b0bc9b5c8dded4f6d62122048cbcebd64177ef42848103813d
- SHA512
  
  e8fb8338a285967d7808d171433244ab6e2cfb97576c2fb628adf4dc2b36e39ffba478f514707a128a0c35b8523f98c4bf382864607ad468cf47adb7bd006bda
- SSDEEP
  
  6144:oFzclWnzp5DFV0FuS5hPGR/CnA1G+Ghgav/06hyTuM:4cURxR/CnA0rhgaJy
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Replication Through Removable Media

Execution

Command-Line Interface

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Remote System Discovery

System Information Discovery

Lateral Movement

Replication Through Removable Media

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2