48ee92307d0bfadae16494bf164cf5044ae07471adea909357f775b624013721 | Triage

Sharing

General

Target

1CEnterprise 8.msi
Size

5.7MB
Sample

230615-r1m3hahh68
MD5

b09dd1c47e552111f33a2b79cc88f0a9
SHA1

5b71f76310ad26873148a7ee93b9544d9f944619
SHA256

48ee92307d0bfadae16494bf164cf5044ae07471adea909357f775b624013721
SHA512

d750dcc914500d9dc04da5a9ee627b60baf9d5e258ce96d1cdaf1bbbe7953afc4a47d6b71659dcc1ccd65b1eb6ee5e51bb09739a386270e137fe29779963ce8a
SSDEEP

98304:lykuLT7uYy171MfAOtIOpjh7InctCaFecemed4hc:lykuPSOHh72OFePd

Score

8^/10

Malware Config

Targets

- Target
  
  1CEnterprise 8.msi
- Size
  
  5.7MB
- MD5
  
  b09dd1c47e552111f33a2b79cc88f0a9
- SHA1
  
  5b71f76310ad26873148a7ee93b9544d9f944619
- SHA256
  
  48ee92307d0bfadae16494bf164cf5044ae07471adea909357f775b624013721
- SHA512
  
  d750dcc914500d9dc04da5a9ee627b60baf9d5e258ce96d1cdaf1bbbe7953afc4a47d6b71659dcc1ccd65b1eb6ee5e51bb09739a386270e137fe29779963ce8a
- SSDEEP
  
  98304:lykuLT7uYy171MfAOtIOpjh7InctCaFecemed4hc:lykuPSOHh72OFePd
Score

8^/10
- Blocklisted process makes network request
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2