a5a596c075c04089ce2ebf46f1880cf5261d5e82e0d486e9f412df8d5800d3cd | Triage

Sharing

General

Target

a5a596c075c04089ce2ebf46f1880cf5261d5e82e0d486e9f412df8d5800d3cd
Size

152KB
Sample

221125-p1ed9ahd38
MD5

186299e7ddd9d731d9e43407f90ac321
SHA1

b11254abc3c2c2420b73f0f99e57de2f0f6a2851
SHA256

a5a596c075c04089ce2ebf46f1880cf5261d5e82e0d486e9f412df8d5800d3cd
SHA512

a0a5f47d03855ac1f13eb95060b3f7b1a5fc54696094bcc55f48728e5dc53eacd10d1db0ebff76a5e784e58cc4e81959aa0534aa9462c4f1207fde37c8973796
SSDEEP

3072:pYjdJKvmC0kFmQkQhA8huFUg0xg0fg1TWMKuEcUBe1LHeo:p90kDBAcqUrxgCF3BaHeo

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  a5a596c075c04089ce2ebf46f1880cf5261d5e82e0d486e9f412df8d5800d3cd
- Size
  
  152KB
- MD5
  
  186299e7ddd9d731d9e43407f90ac321
- SHA1
  
  b11254abc3c2c2420b73f0f99e57de2f0f6a2851
- SHA256
  
  a5a596c075c04089ce2ebf46f1880cf5261d5e82e0d486e9f412df8d5800d3cd
- SHA512
  
  a0a5f47d03855ac1f13eb95060b3f7b1a5fc54696094bcc55f48728e5dc53eacd10d1db0ebff76a5e784e58cc4e81959aa0534aa9462c4f1207fde37c8973796
- SSDEEP
  
  3072:pYjdJKvmC0kFmQkQhA8huFUg0xg0fg1TWMKuEcUBe1LHeo:p90kDBAcqUrxgCF3BaHeo
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Drops startup file
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2