3f2903eabb16089c302bc2bdbd1c868b26ee57b3fceb7c4cc5ac4bbdd6320bd5 | Triage

Sharing

General

Target

3f2903eabb16089c302bc2bdbd1c868b26ee57b3fceb7c4cc5ac4bbdd6320bd5
Size

77KB
Sample

221127-w1wrvshc78
MD5

0c0246f18d77d4f44f882e4137f9fe44
SHA1

7fdfaef27462d9948b206a33411964335d21ed7d
SHA256

3f2903eabb16089c302bc2bdbd1c868b26ee57b3fceb7c4cc5ac4bbdd6320bd5
SHA512

aa060b01b9e22d38c9d63e45df10e1fa5708e726b740ece0cec19c5973f83143cdd1cbd4c63f4d6061d76ac24297ba892a19d30880d90141d2a8f1f5ef0288e5
SSDEEP

1536:3q/i3zyJOVsrQai/vv7NjzDTiY+JUt8eHcVTIzj/UpF20qfWT5Me:3TQ4ai/vvxjzDeY+J+8eHKTI/cpFJwWr

Score

8^/10

Malware Config

Targets

- Target
  
  3f2903eabb16089c302bc2bdbd1c868b26ee57b3fceb7c4cc5ac4bbdd6320bd5
- Size
  
  77KB
- MD5
  
  0c0246f18d77d4f44f882e4137f9fe44
- SHA1
  
  7fdfaef27462d9948b206a33411964335d21ed7d
- SHA256
  
  3f2903eabb16089c302bc2bdbd1c868b26ee57b3fceb7c4cc5ac4bbdd6320bd5
- SHA512
  
  aa060b01b9e22d38c9d63e45df10e1fa5708e726b740ece0cec19c5973f83143cdd1cbd4c63f4d6061d76ac24297ba892a19d30880d90141d2a8f1f5ef0288e5
- SSDEEP
  
  1536:3q/i3zyJOVsrQai/vv7NjzDTiY+JUt8eHcVTIzj/UpF20qfWT5Me:3TQ4ai/vvxjzDeY+J+8eHKTI/cpFJwWr
Score

8^/10
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2