ffe44ba0632afcc57e8864ab2931fae38d4795abfc53f703df9eeab311d525eb | Triage

Sharing

General

Target

ffe44ba0632afcc57e8864ab2931fae38d4795abfc53f703df9eeab311d525eb
Size

97KB
Sample

221124-arjkaaad2w
MD5

164271a03f2c9df025f44a4eff1ce7d0
SHA1

704aa0f010c29a261eff841232bd058d5405ca66
SHA256

ffe44ba0632afcc57e8864ab2931fae38d4795abfc53f703df9eeab311d525eb
SHA512

20f65860db29996ef239c6e5ff833d306c50221a16d5ed8a9501425a41b3b7e2802e738982cd39796cc3254d87f6791e7f6f00a4c7a5f2b738702663459c80a8
SSDEEP

1536:rTtaYzMXqtGNtty1yVumRTT0f88qP2CsRdxgwGGCIOunToIfiWdN:rTtaY46tGNtty1pf8l2CHRGgKTBfik

Score

8^/10

Malware Config

Targets

- Target
  
  ffe44ba0632afcc57e8864ab2931fae38d4795abfc53f703df9eeab311d525eb
- Size
  
  97KB
- MD5
  
  164271a03f2c9df025f44a4eff1ce7d0
- SHA1
  
  704aa0f010c29a261eff841232bd058d5405ca66
- SHA256
  
  ffe44ba0632afcc57e8864ab2931fae38d4795abfc53f703df9eeab311d525eb
- SHA512
  
  20f65860db29996ef239c6e5ff833d306c50221a16d5ed8a9501425a41b3b7e2802e738982cd39796cc3254d87f6791e7f6f00a4c7a5f2b738702663459c80a8
- SSDEEP
  
  1536:rTtaYzMXqtGNtty1yVumRTT0f88qP2CsRdxgwGGCIOunToIfiWdN:rTtaY46tGNtty1pf8l2CHRGgKTBfik
Score

8^/10
- Drops file in Drivers directory
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2