c8f3bebe617455304a356ee76bfd21607109509a4f5ad1dbd2576167538ea6da | Triage

Sharing

General

Target

c8f3bebe617455304a356ee76bfd21607109509a4f5ad1dbd2576167538ea6da
Size

246KB
Sample

221124-x27q7agh4s
MD5

04bc3c84283709a0eeebc8fe24a5cac6
SHA1

4279530483a04d9569a253e7c67dd95e9c391faf
SHA256

c8f3bebe617455304a356ee76bfd21607109509a4f5ad1dbd2576167538ea6da
SHA512

0d07bbc9a20c48af1c35126f2422be9ec094d8e4aa21ddc1f6da3ce97f9747219d8b739d8f5ed26abaf9f05efde3133dc70841dbd63fe93e18f76487e9b2edfd
SSDEEP

3072:gC68nvacfUuOrJeEBitBbR79SwFK6avQIJIgAkD27FLR8/7DY652cSrlfqceAJNw:gC6JvFJwxzFK6aVJN52cklydAJN729

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  c8f3bebe617455304a356ee76bfd21607109509a4f5ad1dbd2576167538ea6da
- Size
  
  246KB
- MD5
  
  04bc3c84283709a0eeebc8fe24a5cac6
- SHA1
  
  4279530483a04d9569a253e7c67dd95e9c391faf
- SHA256
  
  c8f3bebe617455304a356ee76bfd21607109509a4f5ad1dbd2576167538ea6da
- SHA512
  
  0d07bbc9a20c48af1c35126f2422be9ec094d8e4aa21ddc1f6da3ce97f9747219d8b739d8f5ed26abaf9f05efde3133dc70841dbd63fe93e18f76487e9b2edfd
- SSDEEP
  
  3072:gC68nvacfUuOrJeEBitBbR79SwFK6avQIJIgAkD27FLR8/7DY652cSrlfqceAJNw:gC6JvFJwxzFK6aVJN52cklydAJN729
Score

8^/10

persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2