ccde6ef3805afa4d772fe69d8bc2120bcc891a00b3a2cdddc972894e20455e8c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ccde6ef3805afa4d772fe69d8bc2120bcc891a00b3a2cdddc972894e20455e8c
Size

60KB
Sample

221206-pm3jxsgh89
MD5

92a71ff701531becdcac08670b5f998b
SHA1

731d2ebd930cbd7e369547520430c55f0fbcc29d
SHA256

ccde6ef3805afa4d772fe69d8bc2120bcc891a00b3a2cdddc972894e20455e8c
SHA512

c305774117606e2d7c30dee1c924d2d6ea31ae756a66a980b1f04b012fd39f818e7d0df0eb0e978f56b29897d4c4af8e07d96242c0d6738c9265fffa7ac885c8
SSDEEP

384:EJiHY5/DLS+RRwZA4v+mNl6dmg8jp3lTv6cWpaOrGQeAqcU/K3ZhqBiLl83RQifs:EE41vSeT4hemjuzeA2qG+UQmzVTZdZ4

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  ccde6ef3805afa4d772fe69d8bc2120bcc891a00b3a2cdddc972894e20455e8c
- Size
  
  60KB
- MD5
  
  92a71ff701531becdcac08670b5f998b
- SHA1
  
  731d2ebd930cbd7e369547520430c55f0fbcc29d
- SHA256
  
  ccde6ef3805afa4d772fe69d8bc2120bcc891a00b3a2cdddc972894e20455e8c
- SHA512
  
  c305774117606e2d7c30dee1c924d2d6ea31ae756a66a980b1f04b012fd39f818e7d0df0eb0e978f56b29897d4c4af8e07d96242c0d6738c9265fffa7ac885c8
- SSDEEP
  
  384:EJiHY5/DLS+RRwZA4v+mNl6dmg8jp3lTv6cWpaOrGQeAqcU/K3ZhqBiLl83RQifs:EE41vSeT4hemjuzeA2qG+UQmzVTZdZ4
Score

8^/10

persistence
- Drops file in Drivers directory
- Adds Run key to start application
  persistence
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Replication Through Removable Media

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2