60e4c77e24a4c565756ad9d919a7b62398588dd960746d97e612fab02f940002 | Triage

Sharing

General

Target

60e4c77e24a4c565756ad9d919a7b62398588dd960746d97e612fab02f940002
Size

1.3MB
Sample

221203-cl5xfahh6x
MD5

d6e90a4d38a5b851bf23243877c5abb1
SHA1

fc14b7ee08fe76871a3289d84afb8ad0e8669ba5
SHA256

60e4c77e24a4c565756ad9d919a7b62398588dd960746d97e612fab02f940002
SHA512

ad03f4daac026e2125d80cbb38df5f54672b3917010a87e44d1a1213e41292c22daeefd85a2136a106734b1d2252572d7665b3257cc1a8c75f8d5525d4b412b2
SSDEEP

24576:kdma4y68uYf3E0crD+PhwZ9SmccyHFwDLh4NB:kGqy+XHFwy

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  60e4c77e24a4c565756ad9d919a7b62398588dd960746d97e612fab02f940002
- Size
  
  1.3MB
- MD5
  
  d6e90a4d38a5b851bf23243877c5abb1
- SHA1
  
  fc14b7ee08fe76871a3289d84afb8ad0e8669ba5
- SHA256
  
  60e4c77e24a4c565756ad9d919a7b62398588dd960746d97e612fab02f940002
- SHA512
  
  ad03f4daac026e2125d80cbb38df5f54672b3917010a87e44d1a1213e41292c22daeefd85a2136a106734b1d2252572d7665b3257cc1a8c75f8d5525d4b412b2
- SSDEEP
  
  24576:kdma4y68uYf3E0crD+PhwZ9SmccyHFwDLh4NB:kGqy+XHFwy
Score

10^/10

persistence evasion
- Modifies firewall policy service
  evasion
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2