4d1d13ae8c0b35436691af368ad44a26f74ab931e5ccae50e839ac19a708225c | Triage

Sharing

General

Target

4d1d13ae8c0b35436691af368ad44a26f74ab931e5ccae50e839ac19a708225c.exe
Size

4.0MB
Sample

230518-q78gcabh78
MD5

4437ede89331b0c42c8d34e87acea7a6
SHA1

911cb82326d471e32a8723df440392a8ab73cef1
SHA256

4d1d13ae8c0b35436691af368ad44a26f74ab931e5ccae50e839ac19a708225c
SHA512

eb5544f2bace9370e68f3d903ec1cabdda15acf611962b05cd31ce2bd8df833986664ae3619ac384e92cf725a281d334f808b4d6ad723bfd2b05fedb0d55fc09
SSDEEP

98304:EoiRBSDccvT1EDzUce2ati6Wmq6O7XAyKuf7B+yBchxO:E5Ih1EMctf6oFXAydfFG

Score

8^/10

Malware Config

Targets

- Target
  
  4d1d13ae8c0b35436691af368ad44a26f74ab931e5ccae50e839ac19a708225c.exe
- Size
  
  4.0MB
- MD5
  
  4437ede89331b0c42c8d34e87acea7a6
- SHA1
  
  911cb82326d471e32a8723df440392a8ab73cef1
- SHA256
  
  4d1d13ae8c0b35436691af368ad44a26f74ab931e5ccae50e839ac19a708225c
- SHA512
  
  eb5544f2bace9370e68f3d903ec1cabdda15acf611962b05cd31ce2bd8df833986664ae3619ac384e92cf725a281d334f808b4d6ad723bfd2b05fedb0d55fc09
- SSDEEP
  
  98304:EoiRBSDccvT1EDzUce2ati6Wmq6O7XAyKuf7B+yBchxO:E5Ih1EMctf6oFXAydfFG
Score

8^/10
- Downloads MZ/PE file
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2