General

  • Target

    c1be4671b4f67c1902f14a732f0ea283f90db889116ee1de310823ce12b04dda

  • Size

    1.7MB

  • Sample

    230827-s5a46sch31

  • MD5

    a8150e096396092c58f7bb78a7e1484f

  • SHA1

    e30e8b92824a9e3f351e1fa1fb66fb27cb0a679d

  • SHA256

    c1be4671b4f67c1902f14a732f0ea283f90db889116ee1de310823ce12b04dda

  • SHA512

    a5dc461a0b4d8fc79d341ddcd2f8f68bce187fe67ff0303fd8605e83b7d7e2496094cf1d2175ee7e8effef84d159f11ac1ba28cef0dafdfacc632a8ef7c323fd

  • SSDEEP

    49152:QXYLbix0dEDr+F46sPGiRPHKZ7WOLh7livfKYhiBWOh:QXYLWWCXfxPGihKZli5QWs

Score
8/10

Malware Config

Targets

    Score
    8/10
    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
