fc5175f13eb4eb25f4caa92c186605bd72523e1dec7363a0d54a678dfe387fe0 | Triage

Resubmissions

25-08-2023 14:50

230825-r7nydacg99 7

25-08-2023 14:42

230825-r3br9aee6x 7

Sharing

General

Target

sougoupinyin.exe
Size

125.6MB
Sample

230825-r7nydacg99
MD5

ed226d3d12b00b0affe58e84e23920cd
SHA1

f8010d64281c3dbc26f75599f11d0073aab0fc1d
SHA256

fc5175f13eb4eb25f4caa92c186605bd72523e1dec7363a0d54a678dfe387fe0
SHA512

4acb1486a910e30bf7ac59d6fc82622000c55321eab8e5ca3b376c3ca7ea6435d53b3e1df2ecaf0702d087dd003d12ee90108ee329b361ba775d9eed246cdfb5
SSDEEP

3145728:X6Odyqv0eg18Rx0OYWebzLKQIjJYCX6EYsU1ocWTRKop315h2:X6OQ4s8Rx0OpkKQILwicWNKop3nh2

Score

7^/10

Malware Config

Targets

- Target
  
  sougoupinyin.exe
- Size
  
  125.6MB
- MD5
  
  ed226d3d12b00b0affe58e84e23920cd
- SHA1
  
  f8010d64281c3dbc26f75599f11d0073aab0fc1d
- SHA256
  
  fc5175f13eb4eb25f4caa92c186605bd72523e1dec7363a0d54a678dfe387fe0
- SHA512
  
  4acb1486a910e30bf7ac59d6fc82622000c55321eab8e5ca3b376c3ca7ea6435d53b3e1df2ecaf0702d087dd003d12ee90108ee329b361ba775d9eed246cdfb5
- SSDEEP
  
  3145728:X6Odyqv0eg18Rx0OYWebzLKQIjJYCX6EYsU1ocWTRKop315h2:X6OQ4s8Rx0OpkKQILwicWNKop3nh2
Score

7^/10
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3