a300c5ac929473db2058ebb4ae66b39ecc72fc0f86450fd2b41640a60399e392 | Triage

Sharing

General

Target

a300c5ac929473db2058ebb4ae66b39ecc72fc0f86450fd2b41640a60399e392
Size

857KB
Sample

221207-cdh3pseb74
MD5

29ab442f484f6ac29f224b46b591444e
SHA1

e330358bb4f052d91c804ce31da2730322902cda
SHA256

a300c5ac929473db2058ebb4ae66b39ecc72fc0f86450fd2b41640a60399e392
SHA512

4897f839c7373aca0fe59e1076150cb6543ca290f9fd47515ea563e852152216ba1f9ac59a12047c7745bad9e65130ecba4c51f0580caa34b38f7e55ad33dba3
SSDEEP

6144:d2s1vKWOZkNyvuee4siKXn5Zw3EapegI2Vwns:1W

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  a300c5ac929473db2058ebb4ae66b39ecc72fc0f86450fd2b41640a60399e392
- Size
  
  857KB
- MD5
  
  29ab442f484f6ac29f224b46b591444e
- SHA1
  
  e330358bb4f052d91c804ce31da2730322902cda
- SHA256
  
  a300c5ac929473db2058ebb4ae66b39ecc72fc0f86450fd2b41640a60399e392
- SHA512
  
  4897f839c7373aca0fe59e1076150cb6543ca290f9fd47515ea563e852152216ba1f9ac59a12047c7745bad9e65130ecba4c51f0580caa34b38f7e55ad33dba3
- SSDEEP
  
  6144:d2s1vKWOZkNyvuee4siKXn5Zw3EapegI2Vwns:1W
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Replication Through Removable Media

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2