32f4b7b56845b1c68dc066389ec709d48835150e6f8781cb938836ea381b88a3 | Triage

Sharing

General

Target

32f4b7b56845b1c68dc066389ec709d48835150e6f8781cb938836ea381b88a3.vhd
Size

13.0MB
Sample

221124-ng65gsaf38
MD5

86b415dbf3bf56a7b03e5625a6139de7
SHA1

56029454d2616c57830f081ff552484b7f5c4cfd
SHA256

32f4b7b56845b1c68dc066389ec709d48835150e6f8781cb938836ea381b88a3
SHA512

8272d66f1c2cd04b0f05798565a3ed5b57b8dd9b674376e95a684b471ad3aeeb625dd66c107678bb48d4e2107b88da5398abf7aaebcd8dd8f8bd05a49529ee1e
SSDEEP

98304:nGofBLWN29gDeqzHCtYSJ8e9gDeqzHCtYS:nGoNW3HCt7meW3HCt7

Score

6^/10

Malware Config

Targets

- Target
  
  AdFind.exe
- Size
  
  1.5MB
- MD5
  
  12011c44955fd6631113f68a99447515
- SHA1
  
  4f4f8cf0f9b47d0ad95d159201fe7e72fbc8448d
- SHA256
  
  c92c158d7c37fea795114fa6491fe5f145ad2f8c08776b18ae79db811e8e36a3
- SHA512
  
  61469d638d71e85ece24a0c1d7e7badd4e9e869815f99987dbdc1ae847d1b509cd53e992335b7fbdd1d771f774ee34b88ae386bdb55a2da8c8e21f8b1e194e02
- SSDEEP
  
  49152:R8/N+FV3giuequoTWmyjegvtYSN2NYwsmeMcx:RWN29gDeqzHCtYS
Score

1^/10
behavioral1 behavioral2
- Target
  
  run.bat
- Size
  
  13B
- MD5
  
  c63445a38455903301a58b7d4a537e92
- SHA1
  
  7487d515c1ad09e4d7c7e48fa4dc2dc5405666bf
- SHA256
  
  dd679686dbb331bb719b17883dc2e52f3bbd2f2b5f1d4fed3bb2dd1dd0d62206
- SHA512
  
  abf0a0df33705875e90d55fe23d9559afaa8e7b9d75391a2bfe2d848f6afa867dc25ae375e1e9b7e0dd12d27b26686c4a87a20fb70196d126cf6c8386f3b8059
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral3 behavioral4

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4