2ea8920bf40d1f6d3822b08f2363b69001e48719551f19993cbaa11165fc4b4a | Triage

Sharing

General

Target

2ea8920bf40d1f6d3822b08f2363b69001e48719551f19993cbaa11165fc4b4a
Size

72KB
Sample

221129-ts2a9shc61
MD5

9d077ecbe40bbea4490ec87ab1279d80
SHA1

5b6280a660d0143f90e73fdcd3f88618ea1ae17a
SHA256

2ea8920bf40d1f6d3822b08f2363b69001e48719551f19993cbaa11165fc4b4a
SHA512

33640f89841f5a5869ee95c8e776d9f61f51f21c25fb45c66f4b39c72c69f87ff681e26d379ceec560adf6735d54ba8830c6c2ea908975790e634b986dc1062d
SSDEEP

1536:ymv6BS7LL1w+o9yHSmGhbw9QDyJYzC7gtop0Z:yVBon1wJyHS04RzsKAE

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  2ea8920bf40d1f6d3822b08f2363b69001e48719551f19993cbaa11165fc4b4a
- Size
  
  72KB
- MD5
  
  9d077ecbe40bbea4490ec87ab1279d80
- SHA1
  
  5b6280a660d0143f90e73fdcd3f88618ea1ae17a
- SHA256
  
  2ea8920bf40d1f6d3822b08f2363b69001e48719551f19993cbaa11165fc4b4a
- SHA512
  
  33640f89841f5a5869ee95c8e776d9f61f51f21c25fb45c66f4b39c72c69f87ff681e26d379ceec560adf6735d54ba8830c6c2ea908975790e634b986dc1062d
- SSDEEP
  
  1536:ymv6BS7LL1w+o9yHSmGhbw9QDyJYzC7gtop0Z:yVBon1wJyHS04RzsKAE
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2