fafaa6bdd86f5a0d1a972666c93a709ba3ac8f4043353e51cf1eb6f4f8e9a297 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fafaa6bdd86f5a0d1a972666c93a709ba3ac8f4043353e51cf1eb6f4f8e9a297
Size

563KB
Sample

221203-fgyjcafc65
MD5

3acced79579858b4773e3f4da82e7780
SHA1

f55212618193daf38b2688510d739f38fa1b7bc0
SHA256

fafaa6bdd86f5a0d1a972666c93a709ba3ac8f4043353e51cf1eb6f4f8e9a297
SHA512

7b613c4aa4591965110968af9b9696eacc8db0ff80de66e62c39d55e9e808a4ae67a780a649c8e6b1f1679f60615a31df531678888713eb90a1ee2c67ced205f
SSDEEP

12288:52JylsKTWeDQ4dvfLKnxLVMsCpn5K6hvLs:52JyxCYvuxLYi6hw

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  fafaa6bdd86f5a0d1a972666c93a709ba3ac8f4043353e51cf1eb6f4f8e9a297
- Size
  
  563KB
- MD5
  
  3acced79579858b4773e3f4da82e7780
- SHA1
  
  f55212618193daf38b2688510d739f38fa1b7bc0
- SHA256
  
  fafaa6bdd86f5a0d1a972666c93a709ba3ac8f4043353e51cf1eb6f4f8e9a297
- SHA512
  
  7b613c4aa4591965110968af9b9696eacc8db0ff80de66e62c39d55e9e808a4ae67a780a649c8e6b1f1679f60615a31df531678888713eb90a1ee2c67ced205f
- SSDEEP
  
  12288:52JylsKTWeDQ4dvfLKnxLVMsCpn5K6hvLs:52JyxCYvuxLYi6hw
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2