b6ac53f9b3debc05da150be0295667bc5fcc0804597c6ada70cffb930c84c099 | Triage

Sharing

General

Target

b6ac53f9b3debc05da150be0295667bc5fcc0804597c6ada70cffb930c84c099
Size

45KB
Sample

221203-1tra1sch2w
MD5

78e94ee146e48e6f84d6fe681c80d812
SHA1

73c06e7aa0a0d48c79520a6971553d1b378a5136
SHA256

b6ac53f9b3debc05da150be0295667bc5fcc0804597c6ada70cffb930c84c099
SHA512

4e9c87ba0f7c933671751e9e77aea2123589761cddf8e02fc570b0d26a1f897c913ad3cf13bc51b6cded972f18e53947527fa6cc90e2120e7c0fad3207b6b920
SSDEEP

768:2wuEVsNpKdxulBo6LLfI0bntP45CTsqsUryfqkR4k1+m2VAG/IYAk5mrvk6aqRT:2iiWulVLEUDfRsq5kQm0AG/nmnf

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  b6ac53f9b3debc05da150be0295667bc5fcc0804597c6ada70cffb930c84c099
- Size
  
  45KB
- MD5
  
  78e94ee146e48e6f84d6fe681c80d812
- SHA1
  
  73c06e7aa0a0d48c79520a6971553d1b378a5136
- SHA256
  
  b6ac53f9b3debc05da150be0295667bc5fcc0804597c6ada70cffb930c84c099
- SHA512
  
  4e9c87ba0f7c933671751e9e77aea2123589761cddf8e02fc570b0d26a1f897c913ad3cf13bc51b6cded972f18e53947527fa6cc90e2120e7c0fad3207b6b920
- SSDEEP
  
  768:2wuEVsNpKdxulBo6LLfI0bntP45CTsqsUryfqkR4k1+m2VAG/IYAk5mrvk6aqRT:2iiWulVLEUDfRsq5kQm0AG/nmnf
Score

8^/10

evasion persistence
- Modifies Windows Firewall
  evasion
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence