43eca0c1b6e74208f134d20ff283f983c030635433757dec8b9f15e0c4947c1a | Triage

Sharing

General

Target

43eca0c1b6e74208f134d20ff283f983c030635433757dec8b9f15e0c4947c1a
Size

148KB
Sample

221201-ffhrhaeh79
MD5

48355fa3f4f63c208b84a94af3a84840
SHA1

8bd54d9f08fafda89a47e0890926ae0a3a1932db
SHA256

43eca0c1b6e74208f134d20ff283f983c030635433757dec8b9f15e0c4947c1a
SHA512

c2c5e5d0fd5a6a0713b05bccbc526da61e81f4274568fff5264eb876495507fa2527746ac74b7b8cd6fe7df2d3b3b8a4ac6478169636ee4a4aed9be4542d657f
SSDEEP

3072:hIZWWxukZThtCdVBJvXIATEi+S9ofjh4BwL1/BKbcltbAX24X:hIIWxu+hOVTXIAQDSifjh4Bwx/B9ltKX

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  43eca0c1b6e74208f134d20ff283f983c030635433757dec8b9f15e0c4947c1a
- Size
  
  148KB
- MD5
  
  48355fa3f4f63c208b84a94af3a84840
- SHA1
  
  8bd54d9f08fafda89a47e0890926ae0a3a1932db
- SHA256
  
  43eca0c1b6e74208f134d20ff283f983c030635433757dec8b9f15e0c4947c1a
- SHA512
  
  c2c5e5d0fd5a6a0713b05bccbc526da61e81f4274568fff5264eb876495507fa2527746ac74b7b8cd6fe7df2d3b3b8a4ac6478169636ee4a4aed9be4542d657f
- SSDEEP
  
  3072:hIZWWxukZThtCdVBJvXIATEi+S9ofjh4BwL1/BKbcltbAX24X:hIIWxu+hOVTXIAQDSifjh4Bwx/B9ltKX
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2