86f86a9eea4bd1cf413a6405f924727203fe3d89e73e8941f705526b854bac85 | Triage

Resubmissions

28/05/2023, 14:30

230528-rvgcrsfg5t 7

28/05/2023, 14:25

230528-rrn87sfc79 7

Sharing

General

Target

Ph0t0sh0p Cs6.rar
Size

73.7MB
Sample

230528-rrn87sfc79
MD5

d3e0429abf55692e65e9f1455ac22116
SHA1

d132b42dbd98549482d32ca86cc65449b5148ca3
SHA256

86f86a9eea4bd1cf413a6405f924727203fe3d89e73e8941f705526b854bac85
SHA512

ae9ea13e3ea925043c1caa253671fb54a00dc7dca10ff065b2ad491560e83b2d2b95b85b6a17449066e5c8aeb23fb06df4e40ea3d0f082e0b8226e9192290105
SSDEEP

1572864:nKT3GWkokgm1Pia0dgTqHXwTvQ6GH0FBEJNJ5TOLOx7fSTtjIvmExV:nKTWWMia0mDAUrEzvOG6T2e+V

Score

7^/10

Malware Config

Targets

- Target
  
  PhotoCss6/setup.exe
- Size
  
  73.7MB
- MD5
  
  02dde17be4c7a3dce827d28df8117e3c
- SHA1
  
  2098d73511a1daac926645cad8a7b5fec6cf7f47
- SHA256
  
  e071f7aff74e187f07a9f1ee88eeac9be728447aad359a0cda32fe7b62228bec
- SHA512
  
  31c9f5582872e4634751ef1ab52b0f8e57ec0408c78aaa1aeb7d6883ae0991416da3c5eaea27ca64b5c6eb5fde930f85acf4fa9c68485b546e528081d22a6156
- SSDEEP
  
  1572864:wKT3GWkokgm1Pia0dgTqHXwTvQ6GH0FBEJNJ5TOLOx7fSTtjIvmExf:wKTWWMia0mDAUrEzvOG6T2e+f
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2