4b2a48e6f8e0a2d0346374bd5be5e1df6c7915fefcb4044aa2e59491d3bc1742 | Triage

Resubmissions

21-12-2022 15:44

221221-s6gy4sce96 8

21-12-2022 15:39

221221-s3wm4ace89 8

21-12-2022 15:33

221221-szlnqace83 8

21-12-2022 15:27

221221-svzd1sff61 7

Sharing

General

Target

ComFlor_v9.0.34.msi
Size

56.7MB
Sample

221221-szlnqace83
MD5

bba44278d5eb701ee7d15edeab5299c9
SHA1

65d250924e3061c582d0c7c3abc4470a29c1db61
SHA256

4b2a48e6f8e0a2d0346374bd5be5e1df6c7915fefcb4044aa2e59491d3bc1742
SHA512

79f0279abc8e3e1b86e0f176eb3b46c6eb424b2749fdbf757c56f611cee4e86b94bb915c203db8fc773a3f6f6fb93985e35c4c305e38fd6a3655cf7f68714931
SSDEEP

1572864:pAnIU1ly9WSBdMdQDyqpfZLedFbplnJTHoBHIPhdfBhIVEeI:pAnIwlk8qyqtZCn3JTHKHIPNsEl

Score

8^/10

Malware Config

Targets

- Target
  
  ComFlor_v9.0.34.msi
- Size
  
  56.7MB
- MD5
  
  bba44278d5eb701ee7d15edeab5299c9
- SHA1
  
  65d250924e3061c582d0c7c3abc4470a29c1db61
- SHA256
  
  4b2a48e6f8e0a2d0346374bd5be5e1df6c7915fefcb4044aa2e59491d3bc1742
- SHA512
  
  79f0279abc8e3e1b86e0f176eb3b46c6eb424b2749fdbf757c56f611cee4e86b94bb915c203db8fc773a3f6f6fb93985e35c4c305e38fd6a3655cf7f68714931
- SSDEEP
  
  1572864:pAnIU1ly9WSBdMdQDyqpfZLedFbplnJTHoBHIPhdfBhIVEeI:pAnIwlk8qyqtZCn3JTHKHIPNsEl
Score

8^/10
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2