4aa115325609505c9a7ae99c558bea02a5424c37c931a7e559311eef2cda2320 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4aa115325609505c9a7ae99c558bea02a5424c37c931a7e559311eef2cda2320
Size

91KB
Sample

221129-hanrnsdg57
MD5

0180e8b0cc14ecdd5079f135383c8eaa
SHA1

6a8cb62b1ad66640cd9a046e804ff62e09bc0aa9
SHA256

4aa115325609505c9a7ae99c558bea02a5424c37c931a7e559311eef2cda2320
SHA512

9035f57f1292014732015bfe0cda6fd24855f13c044aabf8627caedfe8f984f6e7d1f2cd0b481f643b60ca1f84baa6aeee64b1521436bc634513d8dc9836cc73
SSDEEP

1536:wLmITQ1zIrjmiocUyFoTv97daqxSgXTZ53isKldlvAi2d:wQoVocUy6TddaqxqZFG

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  4aa115325609505c9a7ae99c558bea02a5424c37c931a7e559311eef2cda2320
- Size
  
  91KB
- MD5
  
  0180e8b0cc14ecdd5079f135383c8eaa
- SHA1
  
  6a8cb62b1ad66640cd9a046e804ff62e09bc0aa9
- SHA256
  
  4aa115325609505c9a7ae99c558bea02a5424c37c931a7e559311eef2cda2320
- SHA512
  
  9035f57f1292014732015bfe0cda6fd24855f13c044aabf8627caedfe8f984f6e7d1f2cd0b481f643b60ca1f84baa6aeee64b1521436bc634513d8dc9836cc73
- SSDEEP
  
  1536:wLmITQ1zIrjmiocUyFoTv97daqxSgXTZ53isKldlvAi2d:wQoVocUy6TddaqxqZFG
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2