ea653aa36cbcd0f1df0330d8b68c43af56fa92f730d4b17a6da9d5366255bc65 | Triage

Sharing

General

Target

ea653aa36cbcd0f1df0330d8b68c43af56fa92f730d4b17a6da9d5366255bc65
Size

224KB
Sample

221124-aq3xjafb25
MD5

3d4f22097fcad60cfb4fd20e7b59eca0
SHA1

30d49c4d4f016ad0b107cc03a10347d44b5e72fa
SHA256

ea653aa36cbcd0f1df0330d8b68c43af56fa92f730d4b17a6da9d5366255bc65
SHA512

36016b33dde97401d2ef4239907942802ccc6c86e268d77f0005a64dc6e22996061c8db4ba9c92ec9df407dd6f1f9d2cfba4ca268b2df6da5229f27239fd8688
SSDEEP

3072:6CSjGoLpWM65lmjx73xOU4aukLQup8LXGCTobItEP4ghZglTsyL7RD:cXymtoPg5cjuP4ghZS7hD

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  ea653aa36cbcd0f1df0330d8b68c43af56fa92f730d4b17a6da9d5366255bc65
- Size
  
  224KB
- MD5
  
  3d4f22097fcad60cfb4fd20e7b59eca0
- SHA1
  
  30d49c4d4f016ad0b107cc03a10347d44b5e72fa
- SHA256
  
  ea653aa36cbcd0f1df0330d8b68c43af56fa92f730d4b17a6da9d5366255bc65
- SHA512
  
  36016b33dde97401d2ef4239907942802ccc6c86e268d77f0005a64dc6e22996061c8db4ba9c92ec9df407dd6f1f9d2cfba4ca268b2df6da5229f27239fd8688
- SSDEEP
  
  3072:6CSjGoLpWM65lmjx73xOU4aukLQup8LXGCTobItEP4ghZglTsyL7RD:cXymtoPg5cjuP4ghZS7hD
Score

8^/10

persistence
- Drops file in Drivers directory
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2