c7bd7fc920e917cd89dc2b2e0cc0fd60698d98be98aca59eff88e11047a6ef66 | Triage

Sharing

General

Target

842854e0c495341ef9b015fdc6e8e66f99b4b435
Size

1.8MB
Sample

230116-hwxlpsba67
MD5

566bf0205c5841a44fa70c96405f5278
SHA1

842854e0c495341ef9b015fdc6e8e66f99b4b435
SHA256

c7bd7fc920e917cd89dc2b2e0cc0fd60698d98be98aca59eff88e11047a6ef66
SHA512

0c83670f4647867c078a5f388a09b97bb13a7855b7f896abef5ad0aede79d257bf0053689122ade64d758e78e8d4575bd708d15ba4ae46e113ec5fa91020d5e8
SSDEEP

24576:PUQ6+s2eGzYMubNVMJmqezs9M81d/D3O7NiLZVIcCSn+R:sQ6+s2elZGJS4W81BOaVIN

Score

8^/10

Malware Config

Targets

- Target
  
  Setup/Installer.msi
- Size
  
  495.2MB
- MD5
  
  f74a9c8f571b6d32a6cb781135fbc796
- SHA1
  
  7f3abd0ed7ca0c34beeaf6b96e6619e5725d9284
- SHA256
  
  285303f92c7d61cbabafcd9c39bbfd1ca38521f4f9accb141c7025f59c21e069
- SHA512
  
  fcf05863dbc3960e57998d83ed63b1b39fd003be8f0dc8f49f6613b7dba2478a4c6edecea93f2e79b9f1e79e73cd90a20016c447b85246531337c3abb3ec6f87
- SSDEEP
  
  49152:Bttql9KqPxDGSkYTikwpNLH3dPzB29FQR:uNZD91MpNjd7BaFQR
Score

8^/10
- Blocklisted process makes network request
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2