062c1d216ceceb758c0033e4a6f6c7b0d5211b8cc560194eb6c6962c7c7635ff | Triage

Sharing

General

Target

LuSlower-PowerCfgUtil.exe
Size

244KB
Sample

230421-2jzp3scd61
MD5

e634caa91e10f27736e85527c9689850
SHA1

92cf5e1ba154a02cf99e98a927f328b8332bbf5c
SHA256

062c1d216ceceb758c0033e4a6f6c7b0d5211b8cc560194eb6c6962c7c7635ff
SHA512

983bc8902ae97ba4d744b46ae881a48b4087d9c0f1860df0fc1bb0affdd4911596ae0a1b11476dc71fc64eca17c5b9aab4fb166d921836384d594be26af3010a
SSDEEP

6144:MBlkZvaF4NTBE1L/yE9zeJdUzgrwoDDHyQ:MoSWNTS1L1zeUQtD7V

Score

7^/10

Malware Config

Targets

- Target
  
  LuSlower-PowerCfgUtil.exe
- Size
  
  244KB
- MD5
  
  e634caa91e10f27736e85527c9689850
- SHA1
  
  92cf5e1ba154a02cf99e98a927f328b8332bbf5c
- SHA256
  
  062c1d216ceceb758c0033e4a6f6c7b0d5211b8cc560194eb6c6962c7c7635ff
- SHA512
  
  983bc8902ae97ba4d744b46ae881a48b4087d9c0f1860df0fc1bb0affdd4911596ae0a1b11476dc71fc64eca17c5b9aab4fb166d921836384d594be26af3010a
- SSDEEP
  
  6144:MBlkZvaF4NTBE1L/yE9zeJdUzgrwoDDHyQ:MoSWNTS1L1zeUQtD7V
Score

7^/10
- Executes dropped EXE
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1