ac136ec1a3811cb4ce3224b95bbca3b0686704e42bd3e811b184a9c14a3acdfb | Triage

Sharing

General

Target

ac136ec1a3811cb4ce3224b95bbca3b0686704e42bd3e811b184a9c14a3acdfb
Size

435KB
Sample

221124-cxngjabe52
MD5

302561f3ff7ffab43797b19e7334ba19
SHA1

bb975283b513aa4c7f4f1e1c2b29302531372992
SHA256

ac136ec1a3811cb4ce3224b95bbca3b0686704e42bd3e811b184a9c14a3acdfb
SHA512

3179af120089fa579a8c7a651099d4b849e8acfcd334819eaf5485648436162ddb0f8b075dd26ed9d4dcee76c0728687ea1c9f587f85d416f085c0986631b550
SSDEEP

6144:vdspDeDrxkg/vrMuJIgwhEFHyOrJcX/Pgqwzm5IzkWjS4e4azExBKO1t4Kb70Nqq:l8kxNhOZElO5kkWjhD4A

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  ac136ec1a3811cb4ce3224b95bbca3b0686704e42bd3e811b184a9c14a3acdfb
- Size
  
  435KB
- MD5
  
  302561f3ff7ffab43797b19e7334ba19
- SHA1
  
  bb975283b513aa4c7f4f1e1c2b29302531372992
- SHA256
  
  ac136ec1a3811cb4ce3224b95bbca3b0686704e42bd3e811b184a9c14a3acdfb
- SHA512
  
  3179af120089fa579a8c7a651099d4b849e8acfcd334819eaf5485648436162ddb0f8b075dd26ed9d4dcee76c0728687ea1c9f587f85d416f085c0986631b550
- SSDEEP
  
  6144:vdspDeDrxkg/vrMuJIgwhEFHyOrJcX/Pgqwzm5IzkWjS4e4azExBKO1t4Kb70Nqq:l8kxNhOZElO5kkWjhD4A
Score

10^/10

persistence
- Modifies system executable filetype association
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Change Default File Association

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2