3995a9a2bcd8da259d9df6a8b0b4615dfb0c3236f8fd0ab0c65d034e3d506396 | Triage

Sharing

General

Target

3995a9a2bcd8da259d9df6a8b0b4615dfb0c3236f8fd0ab0c65d034e3d506396
Size

73KB
Sample

221204-naa4gach73
MD5

77e94c42e5cda17d1022d780a93d2a98
SHA1

50b60b4368dbaffd3ff186fc47f763cfaa27293a
SHA256

3995a9a2bcd8da259d9df6a8b0b4615dfb0c3236f8fd0ab0c65d034e3d506396
SHA512

9c0c9b4fcbf43093f3cd716e5bb02568af1808fe7342de473630449c2112658716be9b068450a5130b3d16acdf97b86eb6c23310a4e4db1962108a7be65807db
SSDEEP

1536:omVJdMmJyDl+t7LZpoWyHjmgQifdsW9Uz2X+Ox:ogJuIyDCZRyHj9QGiqUCu+

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  3995a9a2bcd8da259d9df6a8b0b4615dfb0c3236f8fd0ab0c65d034e3d506396
- Size
  
  73KB
- MD5
  
  77e94c42e5cda17d1022d780a93d2a98
- SHA1
  
  50b60b4368dbaffd3ff186fc47f763cfaa27293a
- SHA256
  
  3995a9a2bcd8da259d9df6a8b0b4615dfb0c3236f8fd0ab0c65d034e3d506396
- SHA512
  
  9c0c9b4fcbf43093f3cd716e5bb02568af1808fe7342de473630449c2112658716be9b068450a5130b3d16acdf97b86eb6c23310a4e4db1962108a7be65807db
- SSDEEP
  
  1536:omVJdMmJyDl+t7LZpoWyHjmgQifdsW9Uz2X+Ox:ogJuIyDCZRyHj9QGiqUCu+
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2