ef34ffa7b559a6f432b068d4b69a99c89114049bea9f7a913f09ea2e7e168018 | Triage

Sharing

General

Target

DocuSignPrintDriver.msi
Size

3.9MB
Sample

230124-m7p38acb3x
MD5

6cc8102177ffbe73d68c045a9b08ed36
SHA1

c45d48a9121fd5769854ef4ee83e06d9a11ac038
SHA256

ef34ffa7b559a6f432b068d4b69a99c89114049bea9f7a913f09ea2e7e168018
SHA512

8eb8b1a08220297c7d021ba4d4b296b1d2fd6fee03fe131b747cce0d49e00b4b27b90641b7b404f187e687109dc6e1056bf965eb9eadaaf048c3b18f7da56d53
SSDEEP

98304:+24BBSo5sThfNHC11VB4mfcgE8DYS2Cyr0c/nrIvhrl:+24bShThfgrVB4E46tyrxkvh

Score

8^/10

Malware Config

Targets

- Target
  
  DocuSignPrintDriver.msi
- Size
  
  3.9MB
- MD5
  
  6cc8102177ffbe73d68c045a9b08ed36
- SHA1
  
  c45d48a9121fd5769854ef4ee83e06d9a11ac038
- SHA256
  
  ef34ffa7b559a6f432b068d4b69a99c89114049bea9f7a913f09ea2e7e168018
- SHA512
  
  8eb8b1a08220297c7d021ba4d4b296b1d2fd6fee03fe131b747cce0d49e00b4b27b90641b7b404f187e687109dc6e1056bf965eb9eadaaf048c3b18f7da56d53
- SSDEEP
  
  98304:+24BBSo5sThfNHC11VB4mfcgE8DYS2Cyr0c/nrIvhrl:+24bShThfgrVB4E46tyrxkvh
Score

8^/10
- Blocklisted process makes network request
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1