fef4203ed4a1deabba0d24b36994a1b638b91fcdaedc848a001df37bf4c8a1fd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Metal-Pipes-Falling-Sound-djlunatique.com.mp3
Size

59KB
Sample

230605-wbh5gaae7w
MD5

17b313a6dd83544591e5f9a4ff450c48
SHA1

d479a86de55895a99c64a32a13ae2d5448b32042
SHA256

fef4203ed4a1deabba0d24b36994a1b638b91fcdaedc848a001df37bf4c8a1fd
SHA512

a326a5038eb9dfb59f5c66dff8237f47215f892b974465107225041561eef29cd94b46a3a1df85cf3ef2ff8ec28ec5bc921683a2d26921b52c456690081c2e89
SSDEEP

1536:g+vTI3GWUdVUmc52swf8EroC9CSktXZKpZyk4FPXQR:nkfks2F8HsQBQpZARXQR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  Metal-Pipes-Falling-Sound-djlunatique.com.mp3
- Size
  
  59KB
- MD5
  
  17b313a6dd83544591e5f9a4ff450c48
- SHA1
  
  d479a86de55895a99c64a32a13ae2d5448b32042
- SHA256
  
  fef4203ed4a1deabba0d24b36994a1b638b91fcdaedc848a001df37bf4c8a1fd
- SHA512
  
  a326a5038eb9dfb59f5c66dff8237f47215f892b974465107225041561eef29cd94b46a3a1df85cf3ef2ff8ec28ec5bc921683a2d26921b52c456690081c2e89
- SSDEEP
  
  1536:g+vTI3GWUdVUmc52swf8EroC9CSktXZKpZyk4FPXQR:nkfks2F8HsQBQpZARXQR
Score

8^/10

persistence
- Modifies Installed Components in the registry
  persistence
- Drops desktop.ini file(s)
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2