8d2fce265055d855b22f32ade879bffed6e0c2bbfc7b796feb2e054dbd07476f | Triage

Sharing

General

Target

8d2fce265055d855b22f32ade879bffed6e0c2bbfc7b796feb2e054dbd07476f
Size

192KB
Sample

221203-zejrysdb87
MD5

216c808618f6158ac0d3467f96cf2c10
SHA1

d918b9bc61ac4db767dc2cf62c62c6c85f4e1e4b
SHA256

8d2fce265055d855b22f32ade879bffed6e0c2bbfc7b796feb2e054dbd07476f
SHA512

092c90d309ec8bbfecaadf7356c5bc0176738629fb8a9b65bfd474d7654c8675686296e62b8c939e77fb05eb6d9e0ef3ec7e49cc548cd51790a1856c29622d79
SSDEEP

3072:uMZvViMkD/zMbxso+m+dYOGpfHsKv5AgIA73D01msntrRcfeD9:X/uL0Ko+mrpftv5AfA7CmArGfe

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  8d2fce265055d855b22f32ade879bffed6e0c2bbfc7b796feb2e054dbd07476f
- Size
  
  192KB
- MD5
  
  216c808618f6158ac0d3467f96cf2c10
- SHA1
  
  d918b9bc61ac4db767dc2cf62c62c6c85f4e1e4b
- SHA256
  
  8d2fce265055d855b22f32ade879bffed6e0c2bbfc7b796feb2e054dbd07476f
- SHA512
  
  092c90d309ec8bbfecaadf7356c5bc0176738629fb8a9b65bfd474d7654c8675686296e62b8c939e77fb05eb6d9e0ef3ec7e49cc548cd51790a1856c29622d79
- SSDEEP
  
  3072:uMZvViMkD/zMbxso+m+dYOGpfHsKv5AgIA73D01msntrRcfeD9:X/uL0Ko+mrpftv5AfA7CmArGfe
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2