647956081712863753a95255c99fe264b8835caadd4ddeb25b5731741c13c899 | Triage

Sharing

General

Target

647956081712863753a95255c99fe264b8835caadd4ddeb25b5731741c13c899
Size

151KB
Sample

221124-arw6dafb63
MD5

166faf4352bb2e2cf61dca5fe50ca750
SHA1

1a83796e6f0c3f66e678102fefb2afd090991eff
SHA256

647956081712863753a95255c99fe264b8835caadd4ddeb25b5731741c13c899
SHA512

ec068d5ad44d70f773f087fee70b8401ce33784ff92669dad6b550a0e3fe8d0bb04de333155bfac7dc5e34012fccd50d37884bc984b9b8d14d54c774608e7f1d
SSDEEP

3072:P3aY46tGNttyJQ7KRiaJnOJy1F1Nz1X8+wSPOozCpg:h46tGdyMaJn/1F1NzeoOyCpg

Score

8^/10

Malware Config

Targets

- Target
  
  647956081712863753a95255c99fe264b8835caadd4ddeb25b5731741c13c899
- Size
  
  151KB
- MD5
  
  166faf4352bb2e2cf61dca5fe50ca750
- SHA1
  
  1a83796e6f0c3f66e678102fefb2afd090991eff
- SHA256
  
  647956081712863753a95255c99fe264b8835caadd4ddeb25b5731741c13c899
- SHA512
  
  ec068d5ad44d70f773f087fee70b8401ce33784ff92669dad6b550a0e3fe8d0bb04de333155bfac7dc5e34012fccd50d37884bc984b9b8d14d54c774608e7f1d
- SSDEEP
  
  3072:P3aY46tGNttyJQ7KRiaJnOJy1F1Nz1X8+wSPOozCpg:h46tGdyMaJn/1F1NzeoOyCpg
Score

8^/10
- Drops file in Drivers directory
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2