29e447a6121dd2b1d1221821bd6c4b0e20c437c62264844e8bcbb9d4be35f013 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

da2216c28de4c1bf15ea1333d19a0ebb
Size

36KB
Sample

230214-jh2tyabg46
MD5

da2216c28de4c1bf15ea1333d19a0ebb
SHA1

7fd6ef70ef30966a159188c4f1efcd1ab7d16c48
SHA256

29e447a6121dd2b1d1221821bd6c4b0e20c437c62264844e8bcbb9d4be35f013
SHA512

07c50afb9e9673113ee32e6b3e0340389ab7754ce9f1ef26a5be7948c00f99242ed4ff1bf5d108f10708ffcc85b3845e259a4e238fb298e7fad50c3f1ab78a0d
SSDEEP

384:NGLEjChKES+9JZ2Xy3M5sloXbGWv4afooqx5Pey3M5sC0iu:/t+4WMmcGHaUeWMmC

Score

8^/10

Malware Config

Targets

- Target
  
  da2216c28de4c1bf15ea1333d19a0ebb
- Size
  
  36KB
- MD5
  
  da2216c28de4c1bf15ea1333d19a0ebb
- SHA1
  
  7fd6ef70ef30966a159188c4f1efcd1ab7d16c48
- SHA256
  
  29e447a6121dd2b1d1221821bd6c4b0e20c437c62264844e8bcbb9d4be35f013
- SHA512
  
  07c50afb9e9673113ee32e6b3e0340389ab7754ce9f1ef26a5be7948c00f99242ed4ff1bf5d108f10708ffcc85b3845e259a4e238fb298e7fad50c3f1ab78a0d
- SSDEEP
  
  384:NGLEjChKES+9JZ2Xy3M5sloXbGWv4afooqx5Pey3M5sC0iu:/t+4WMmcGHaUeWMmC
Score

8^/10
- Blocklisted process makes network request
- Drops startup file
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2