86ae296a625f6abab01beff24713f7eb8299f46e17080e845d4d041c94d34325 | Triage

Sharing

General

Target

86ae296a625f6abab01beff24713f7eb8299f46e17080e845d4d041c94d34325
Size

310KB
Sample

221127-2hrcbahd9w
MD5

139c6519f4e593c79f490e4967f84e53
SHA1

2c3aed3cefcb29f9b4f4d56eb618d3938bd89d16
SHA256

86ae296a625f6abab01beff24713f7eb8299f46e17080e845d4d041c94d34325
SHA512

53137a058403737fceaa637ef90771557b8b89476f5b159ab03a3d10da467d653f8d3188619ca520f1373c0956e62170d813bba402d3d31dedaf8b1daab7e848
SSDEEP

3072:1+ySFI8LGyHgjek910shDtYSZyUZis6m/wZd:1Fv8LGyHgl9m8yUZifJZ

Score

8^/10

Malware Config

Targets

- Target
  
  86ae296a625f6abab01beff24713f7eb8299f46e17080e845d4d041c94d34325
- Size
  
  310KB
- MD5
  
  139c6519f4e593c79f490e4967f84e53
- SHA1
  
  2c3aed3cefcb29f9b4f4d56eb618d3938bd89d16
- SHA256
  
  86ae296a625f6abab01beff24713f7eb8299f46e17080e845d4d041c94d34325
- SHA512
  
  53137a058403737fceaa637ef90771557b8b89476f5b159ab03a3d10da467d653f8d3188619ca520f1373c0956e62170d813bba402d3d31dedaf8b1daab7e848
- SSDEEP
  
  3072:1+ySFI8LGyHgjek910shDtYSZyUZis6m/wZd:1Fv8LGyHgl9m8yUZifJZ
Score

8^/10
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2