cd424e91b86804ff1056498a8031dc8badeec8d6c9abf73ad2d54237796d5ba1 | Triage

Sharing

General

Target

cd424e91b86804ff1056498a8031dc8badeec8d6c9abf73ad2d54237796d5ba1
Size

189KB
Sample

221124-arnt1aad3v
MD5

1563c36091f140d0a299c28d19546fb3
SHA1

487fd1250d2aded600a3a772461e98b0260ca779
SHA256

cd424e91b86804ff1056498a8031dc8badeec8d6c9abf73ad2d54237796d5ba1
SHA512

b622aca6585f832fc7751b5e84015781ca748f90342003f0061cca9be3ea1cd8afb70650218547772ce6d1c007c4d4490d99e4e33a7cd50d30c4ca4330c9a3d3
SSDEEP

3072:HGaY46tGNttyCa6SnrHyp9KN1ZaEg7YuPmnyXRpfC5:W46tGdyr6Srtja7nOm3

Score

8^/10

Malware Config

Targets

- Target
  
  cd424e91b86804ff1056498a8031dc8badeec8d6c9abf73ad2d54237796d5ba1
- Size
  
  189KB
- MD5
  
  1563c36091f140d0a299c28d19546fb3
- SHA1
  
  487fd1250d2aded600a3a772461e98b0260ca779
- SHA256
  
  cd424e91b86804ff1056498a8031dc8badeec8d6c9abf73ad2d54237796d5ba1
- SHA512
  
  b622aca6585f832fc7751b5e84015781ca748f90342003f0061cca9be3ea1cd8afb70650218547772ce6d1c007c4d4490d99e4e33a7cd50d30c4ca4330c9a3d3
- SSDEEP
  
  3072:HGaY46tGNttyCa6SnrHyp9KN1ZaEg7YuPmnyXRpfC5:W46tGdyr6Srtja7nOm3
Score

8^/10
- Drops file in Drivers directory
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2