4a3f18aca429922237fd8babc70a8a99c25ad2e89dfaf60131b36c03de42b9a3 | Triage

Resubmissions

14-07-2023 00:55

230714-babc1sce9y 6

13-07-2023 09:40

230713-lnazhsga88 6

Sharing

General

Target

4a3f18aca429922237fd8babc70a8a99c25ad2e89dfaf60131b36c03de42b9a3
Size

235KB
Sample

230714-babc1sce9y
MD5

ba2114c6ea2f3d746760398a8417b76c
SHA1

652e62406123eef16aa42ac0e45656b5120f01bd
SHA256

4a3f18aca429922237fd8babc70a8a99c25ad2e89dfaf60131b36c03de42b9a3
SHA512

66b0631686c2e57cfbe2f54fc4f32312a6b031fb7f153285c4a9d5f5d1426f4dfd2f467ac0b8eb98c24bcbfcf2b66327413f2e9944860904b2a3de417ff605e7
SSDEEP

6144:pf/YBndXVI6x9bYb1zUoa9o6ujSHEsgBCFLvGUO3:ZgBnpx9kBUjW6uzsBFW

Score

6^/10

Malware Config

Targets

- Target
  
  温州强强财富科技有限公司关于合合Textln智能文字识别产品采购详细问题汇总——2023年7月10日.exe
- Size
  
  629KB
- MD5
  
  f66b1fc1dc2c9c700d810a9fccb46524
- SHA1
  
  07e79647121e1be4af4bb7e20ff9109457011405
- SHA256
  
  59eca81a631d418a5a013cf13475510c7c8bb8070e9799941e607877e37e4580
- SHA512
  
  b7416f93fe1113841a38dd6c20c089af69b54722dabaa0b4ff58549e5e9707b065a6f5014408e5c00f780f8d73f34cb71b19a5e60786c0522f10198c1ff1a757
- SSDEEP
  
  12288:5LkMP0iPkVFLqlPiCZ3XWNMA6HhtXWAORvbHZI:lkHRqlPiCZ3gMBHhZk
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2