da1b144b5f908cb7e811489dfe660e06aa6df9c9158c6972ec9c79c48afacb7e | Triage

Sharing

General

Target

220245-installerexe.exe
Size

4.5MB
Sample

230702-pwlyjacf8w
MD5

fa24733f5a6a6f44d0e65d7d98b84aa6
SHA1

51a62beab55096e17f2e17f042f7bd7dedabf1ae
SHA256

da1b144b5f908cb7e811489dfe660e06aa6df9c9158c6972ec9c79c48afacb7e
SHA512

1953201d8cd448aa7d23c3e57665546ace835f97c8cc8d0f323573cef03a6f317f86c7c3841268ece1760b911c67845d7e6aa198a44f720dca02a5a8bcb8e21e
SSDEEP

98304:5YoIz3Q2HM5Qp4WzMIaX8/BG6v/gIV0sba5mFkDzLb:5i3QDCpQaJGkDegFwL

Score

8^/10

Malware Config

Targets

- Target
  
  220245-installerexe.exe
- Size
  
  4.5MB
- MD5
  
  fa24733f5a6a6f44d0e65d7d98b84aa6
- SHA1
  
  51a62beab55096e17f2e17f042f7bd7dedabf1ae
- SHA256
  
  da1b144b5f908cb7e811489dfe660e06aa6df9c9158c6972ec9c79c48afacb7e
- SHA512
  
  1953201d8cd448aa7d23c3e57665546ace835f97c8cc8d0f323573cef03a6f317f86c7c3841268ece1760b911c67845d7e6aa198a44f720dca02a5a8bcb8e21e
- SSDEEP
  
  98304:5YoIz3Q2HM5Qp4WzMIaX8/BG6v/gIV0sba5mFkDzLb:5i3QDCpQaJGkDegFwL
Score

8^/10
- Blocklisted process makes network request
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2