7768ecf129545b66759c05cf0b19318eef34b22bd492f8599413a4474cdc72f7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

rape_daughter_near_the_park_cut_clitoris_hidden_camera.msi
Size

497.4MB
Sample

221129-nx5xcsfb76
MD5

87abfbff792b2cd23151521dcf3c8714
SHA1

762027de0adfdf25b61c51d6ff91b963ea9ce6ed
SHA256

7768ecf129545b66759c05cf0b19318eef34b22bd492f8599413a4474cdc72f7
SHA512

2d1367f6ed10ca4f32a226fa33bc79c522845529d64e34300dc2a2e306145b4da2d6423a8ad2d7273c27e60520be9c78b91e0c59eda86f57fa1c7b11bc19946f
SSDEEP

49152:wmAaau8cYKCB7nxSpWh1NrpIZ0XPf/gkPzB29FQk:wmXaucnsWh1J+6XT7BaFQk

Score

8^/10

Malware Config

Targets

- Target
  
  rape_daughter_near_the_park_cut_clitoris_hidden_camera.msi
- Size
  
  497.4MB
- MD5
  
  87abfbff792b2cd23151521dcf3c8714
- SHA1
  
  762027de0adfdf25b61c51d6ff91b963ea9ce6ed
- SHA256
  
  7768ecf129545b66759c05cf0b19318eef34b22bd492f8599413a4474cdc72f7
- SHA512
  
  2d1367f6ed10ca4f32a226fa33bc79c522845529d64e34300dc2a2e306145b4da2d6423a8ad2d7273c27e60520be9c78b91e0c59eda86f57fa1c7b11bc19946f
- SSDEEP
  
  49152:wmAaau8cYKCB7nxSpWh1NrpIZ0XPf/gkPzB29FQk:wmXaucnsWh1J+6XT7BaFQk
Score

8^/10
- Blocklisted process makes network request
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2