a56a71568e2fae3cae4e7eab6acb227c82006ebd1cecfb1e008f0d9408878f61 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a56a71568e2fae3cae4e7eab6acb227c82006ebd1cecfb1e008f0d9408878f61
Size

536KB
Sample

221203-xk4cfaba5y
MD5

0dcdc1a0b4a002c2c25c856db183b5f4
SHA1

12ed6403d248f9b8f8a3aa89b396945a18e32b8a
SHA256

a56a71568e2fae3cae4e7eab6acb227c82006ebd1cecfb1e008f0d9408878f61
SHA512

f3eddb943bd31223283adf94373f60c36bfc0a0c0dd9920bd481d420805972d1945305d3a26779d17890e43025bccf88f5da8be54138e6d7f2af4d39efcdad09
SSDEEP

12288:nXV9Hedhr6eecMwIsf8c2a7rGNrkty0fkhAlmvl:nXLHerxfIsf8c2aErmyFAel

Score

6^/10

Malware Config

Targets

- Target
  
  a56a71568e2fae3cae4e7eab6acb227c82006ebd1cecfb1e008f0d9408878f61
- Size
  
  536KB
- MD5
  
  0dcdc1a0b4a002c2c25c856db183b5f4
- SHA1
  
  12ed6403d248f9b8f8a3aa89b396945a18e32b8a
- SHA256
  
  a56a71568e2fae3cae4e7eab6acb227c82006ebd1cecfb1e008f0d9408878f61
- SHA512
  
  f3eddb943bd31223283adf94373f60c36bfc0a0c0dd9920bd481d420805972d1945305d3a26779d17890e43025bccf88f5da8be54138e6d7f2af4d39efcdad09
- SSDEEP
  
  12288:nXV9Hedhr6eecMwIsf8c2a7rGNrkty0fkhAlmvl:nXLHerxfIsf8c2aErmyFAel
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2