df07f0f3d9888fd153d5d08f4a8ccb1ba4f2553316d78e101c1800bc42f9ad0c | Triage

Sharing

General

Target

TortoiseGit-2.14.0.0-64bit.msi
Size

21.6MB
Sample

230411-yrbrfage9z
MD5

ca36bf3998301057ab7f4f64a84085f5
SHA1

66353468825a754f384f9c1bd3e34b37bd9071f7
SHA256

df07f0f3d9888fd153d5d08f4a8ccb1ba4f2553316d78e101c1800bc42f9ad0c
SHA512

87ad935e1329a0e6076b3a58e27e149b08adbc516328ecbe47707d41601af9b0277a8a591a5fee723d3d9e9778e123e6434f23d1a930b12d5f10519df6f23636
SSDEEP

393216:348DJa1Zmo8Swa0evzN0eAUAyzziv7asm7sf7SG8aQASSV7e9Jdmq6sbNyPDN:348Vkmz4zN0KA1TgcqarSSV7e4bB

Score

8^/10

Malware Config

Targets

- Target
  
  TortoiseGit-2.14.0.0-64bit.msi
- Size
  
  21.6MB
- MD5
  
  ca36bf3998301057ab7f4f64a84085f5
- SHA1
  
  66353468825a754f384f9c1bd3e34b37bd9071f7
- SHA256
  
  df07f0f3d9888fd153d5d08f4a8ccb1ba4f2553316d78e101c1800bc42f9ad0c
- SHA512
  
  87ad935e1329a0e6076b3a58e27e149b08adbc516328ecbe47707d41601af9b0277a8a591a5fee723d3d9e9778e123e6434f23d1a930b12d5f10519df6f23636
- SSDEEP
  
  393216:348DJa1Zmo8Swa0evzN0eAUAyzziv7asm7sf7SG8aQASSV7e9Jdmq6sbNyPDN:348Vkmz4zN0KA1TgcqarSSV7e4bB
Score

8^/10
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1