46a98491aef625a61e827e6b6eff108b0db34d8809c3511da6e3ec5d5c9d8b61 | Triage

Resubmissions

20/04/2023, 11:17

230420-nd22csbe4w 8

20/04/2023, 11:00

230420-m3x82abd7z 8

Sharing

Copy URL Twitter E-mail

General

Target

46a98491aef625a61e827e6b6eff108b0db34d8809c3511da6e3ec5d5c9d8b61
Size

2.1MB
Sample

230420-m3x82abd7z
MD5

fea3eb89a5c8355e743f8ef61c992822
SHA1

adb0b128084bbb9fe47edfdff4910d5ed131ad1f
SHA256

46a98491aef625a61e827e6b6eff108b0db34d8809c3511da6e3ec5d5c9d8b61
SHA512

f07c15261156d744edf9b619101f39587ed936477ff63f4e70ad855c05dad710e27df0a59105e8d52a837c9ef7b4af90b508bcb81c6f239f94bfa02b71ae8c3e
SSDEEP

49152:KYdY3w2yuYYTr8tAbMZzEw67SAZhAjBAEliGxUVu1YI:VYz8G8sIAuLx91YI

Score

8^/10

Malware Config

Targets

- Target
  
  46a98491aef625a61e827e6b6eff108b0db34d8809c3511da6e3ec5d5c9d8b61
- Size
  
  2.1MB
- MD5
  
  fea3eb89a5c8355e743f8ef61c992822
- SHA1
  
  adb0b128084bbb9fe47edfdff4910d5ed131ad1f
- SHA256
  
  46a98491aef625a61e827e6b6eff108b0db34d8809c3511da6e3ec5d5c9d8b61
- SHA512
  
  f07c15261156d744edf9b619101f39587ed936477ff63f4e70ad855c05dad710e27df0a59105e8d52a837c9ef7b4af90b508bcb81c6f239f94bfa02b71ae8c3e
- SSDEEP
  
  49152:KYdY3w2yuYYTr8tAbMZzEw67SAZhAjBAEliGxUVu1YI:VYz8G8sIAuLx91YI
Score

8^/10
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2