cf4aa00f246f742902eb1ebee70bc9ffffeac005c59be4527780ef3fd4d0391d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf4aa00f246f742902eb1ebee70bc9ffffeac005c59be4527780ef3fd4d0391d
Size

36KB
Sample

221204-d28tpsge8s
MD5

b4629e3efaeb294da6bb9ca8380861c8
SHA1

679c1dfff2f47b255b50198f7d2982ded3dee94d
SHA256

cf4aa00f246f742902eb1ebee70bc9ffffeac005c59be4527780ef3fd4d0391d
SHA512

e9fc2d0da3b0ede9065ecba68dabead7cec84cf1a636449e24055d4b9f9625cecb66ed3d30ddcd1fd570046917f544f75de4db561f86685ae75d00791043b0b9
SSDEEP

768:3Q2p+BhN0fulceRp2HTpUnolUaZs/1is+LLU+:3Q2p+B7tRpk1UOUcs/1T+Lo

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  cf4aa00f246f742902eb1ebee70bc9ffffeac005c59be4527780ef3fd4d0391d
- Size
  
  36KB
- MD5
  
  b4629e3efaeb294da6bb9ca8380861c8
- SHA1
  
  679c1dfff2f47b255b50198f7d2982ded3dee94d
- SHA256
  
  cf4aa00f246f742902eb1ebee70bc9ffffeac005c59be4527780ef3fd4d0391d
- SHA512
  
  e9fc2d0da3b0ede9065ecba68dabead7cec84cf1a636449e24055d4b9f9625cecb66ed3d30ddcd1fd570046917f544f75de4db561f86685ae75d00791043b0b9
- SSDEEP
  
  768:3Q2p+BhN0fulceRp2HTpUnolUaZs/1is+LLU+:3Q2p+B7tRpk1UOUcs/1T+Lo
Score

8^/10

evasion
- Disables Task Manager via registry modification
  evasion
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2