295187556d0b67274e12955f54328eeb415b3e4c982332360331dfb7f4cf2df6 | Triage

Sharing

General

Target

295187556d0b67274e12955f54328eeb415b3e4c982332360331dfb7f4cf2df6
Size

726KB
Sample

230112-z13f7aef41
MD5

d0e77b07603d7c8c6f3a3a762836f138
SHA1

a2f1f9a447e406b489b984fa5403a36e79d28911
SHA256

295187556d0b67274e12955f54328eeb415b3e4c982332360331dfb7f4cf2df6
SHA512

f98b81f9b7cda9bce17a995560b6fa9b21fc1765fd48fd6d468444c4236b4c3bfdf925e14956406d34dd268ced6cd083900f3307601e8404ac1c6c5a53f8e348
SSDEEP

12288:vCatIwPtT2lwPtT2VpmxqDbHks2XnFxXKdOUzD1Duc:vzVPtT2OPtT2VpmUHU3F4Tzlu

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  295187556d0b67274e12955f54328eeb415b3e4c982332360331dfb7f4cf2df6
- Size
  
  726KB
- MD5
  
  d0e77b07603d7c8c6f3a3a762836f138
- SHA1
  
  a2f1f9a447e406b489b984fa5403a36e79d28911
- SHA256
  
  295187556d0b67274e12955f54328eeb415b3e4c982332360331dfb7f4cf2df6
- SHA512
  
  f98b81f9b7cda9bce17a995560b6fa9b21fc1765fd48fd6d468444c4236b4c3bfdf925e14956406d34dd268ced6cd083900f3307601e8404ac1c6c5a53f8e348
- SSDEEP
  
  12288:vCatIwPtT2lwPtT2VpmxqDbHks2XnFxXKdOUzD1Duc:vzVPtT2OPtT2VpmUHU3F4Tzlu
Score

8^/10

evasion
- Executes dropped EXE
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2