c55227402dde8bacfd602b91c4e3a048cd318686302d699518764ac827cef4d5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c55227402dde8bacfd602b91c4e3a048cd318686302d699518764ac827cef4d5
Size

124KB
Sample

221203-qt3c6shd7w
MD5

f7543028c242a36fcb81db8b6d555d6e
SHA1

3626da320d8628e9f2eb5817a751b3c19f33158d
SHA256

c55227402dde8bacfd602b91c4e3a048cd318686302d699518764ac827cef4d5
SHA512

49ed3c1f4a88f15e180669671e367e00b4756f31ca5f4e2aacc731ce3a78cdfff61beeef6dc970b72b01966b19c78534e0e857319482b7fb9a9ea18ab1e951d3
SSDEEP

1536:kDVlvqMqwtCW8baWroeGQy16Q0eaO7lXcPafkoRYW/qBK8QhuDlYoIX0:85fLtCXaBeGeQ8OWyAW/f0Dle0

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  c55227402dde8bacfd602b91c4e3a048cd318686302d699518764ac827cef4d5
- Size
  
  124KB
- MD5
  
  f7543028c242a36fcb81db8b6d555d6e
- SHA1
  
  3626da320d8628e9f2eb5817a751b3c19f33158d
- SHA256
  
  c55227402dde8bacfd602b91c4e3a048cd318686302d699518764ac827cef4d5
- SHA512
  
  49ed3c1f4a88f15e180669671e367e00b4756f31ca5f4e2aacc731ce3a78cdfff61beeef6dc970b72b01966b19c78534e0e857319482b7fb9a9ea18ab1e951d3
- SSDEEP
  
  1536:kDVlvqMqwtCW8baWroeGQy16Q0eaO7lXcPafkoRYW/qBK8QhuDlYoIX0:85fLtCXaBeGeQ8OWyAW/f0Dle0
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2