684f2b0f0154b876eb43841cb3a35ce25e319d85d826d688c12b0ffaa81c3609 | Triage

Sharing

General

Target

684f2b0f0154b876eb43841cb3a35ce25e319d85d826d688c12b0ffaa81c3609
Size

137KB
Sample

221205-q9jwrsfc69
MD5

1eae5e7b0aa7d7d7bf08b9bdaddddac0
SHA1

632e70ddd185f3198473ff706a569a4e2c6ddc79
SHA256

684f2b0f0154b876eb43841cb3a35ce25e319d85d826d688c12b0ffaa81c3609
SHA512

bebec15aa16c7fc21cc7d75731f97fb79591b8258e331f7643739e9af860dc1d93b08ef07e60c402a75c6efa6f5e0c747ae31111f7e2314c2c55e994e388e5b8
SSDEEP

3072:VEsUqjkvgA+rROXqDvZ4e/hCL3CQ9vnkuOfpYoizXKv6tF/JQEgUlW:5pjqgAvsR4e5CL3C+vdOfppIXKSNrpU

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  684f2b0f0154b876eb43841cb3a35ce25e319d85d826d688c12b0ffaa81c3609
- Size
  
  137KB
- MD5
  
  1eae5e7b0aa7d7d7bf08b9bdaddddac0
- SHA1
  
  632e70ddd185f3198473ff706a569a4e2c6ddc79
- SHA256
  
  684f2b0f0154b876eb43841cb3a35ce25e319d85d826d688c12b0ffaa81c3609
- SHA512
  
  bebec15aa16c7fc21cc7d75731f97fb79591b8258e331f7643739e9af860dc1d93b08ef07e60c402a75c6efa6f5e0c747ae31111f7e2314c2c55e994e388e5b8
- SSDEEP
  
  3072:VEsUqjkvgA+rROXqDvZ4e/hCL3CQ9vnkuOfpYoizXKv6tF/JQEgUlW:5pjqgAvsR4e5CL3C+vdOfppIXKSNrpU
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2