0ca35be7843e13053aea9304dc6c342d8deac322dae78ffd66824f367f67db1f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ca35be7843e13053aea9304dc6c342d8deac322dae78ffd66824f367f67db1f_2.zip
Size

2.0MB
Sample

221206-qhv5qaed6s
MD5

4162dac0315500e100ad41ea02af860c
SHA1

daca00605ec6bdeb30e6d7c97b493e1d884e012d
SHA256

0ca35be7843e13053aea9304dc6c342d8deac322dae78ffd66824f367f67db1f
SHA512

718ab74705cd697247c25016cf48979149dd4495daf92fd79119f4af5f7160b4776f3ff499fcb4d7647f7a89294e4158a688f8b0984a1631d16c5ed1e5b04c93
SSDEEP

49152:pTUGG6PoKZ81yHn5r7MHUZRYxJy11FvFnI6:pYGGsajHGRYmzFBI6

Score

8^/10

Malware Config

Targets

- Target
  
  first_time_teacher_city_metro_cut_clitoris_hidden_camera.msi
- Size
  
  490.4MB
- MD5
  
  17fdcaae63a66dc1a6a6371acb7c3bea
- SHA1
  
  bc60293770e882474ac780a0724b99b5d7681971
- SHA256
  
  80dfed9ad4d2b26807081fa8fc0a1260255bdb818cf03fa6144f3c3c3b2608df
- SHA512
  
  6a97b56ce023461781eb081a465474f85f342e9b6e95bbcc34e5fde52c9ccbfe7b7ba2b46b832ac269692f11e98083ea7f090b7093576ce9befb8004abc52514
- SSDEEP
  
  24576:zxgmrlIejaY+f995uHtvSOtseOaooW7TWA+7GWmzoInjcpKI7dNbD7+eoYBsQ0ks:1TrlIyksjOaotTWA+DufGTPzB29FQY
Score

8^/10
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2