0d01c5d7b0b2395f50ddd89992c82c7036b032c5111ee889b419914051376762 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ReaderDCManifest3.msi
Size

23KB
Sample

230830-yh1n7sad85
MD5

ec79031814ca8a034848a5a55e57a8c5
SHA1

96037b07565b11f8513a538d11c0ca9f11746ec0
SHA256

0d01c5d7b0b2395f50ddd89992c82c7036b032c5111ee889b419914051376762
SHA512

bb2835a031417eeec23f44f98df4e213225afafcf3c9b314447b14e1eabd108b80c8f0802d14394edf20c2a0a8a137f9940bba48c8cab8735514951d795d9bc5
SSDEEP

384:rtCYciKwySyymAIYiI95+EX4RAM+o/8E9VF0NyCqE:rFc0ySyymJYiI7+dRAMxkE

Score

8^/10

Malware Config

Targets

- Target
  
  ReaderDCManifest3.msi
- Size
  
  23KB
- MD5
  
  ec79031814ca8a034848a5a55e57a8c5
- SHA1
  
  96037b07565b11f8513a538d11c0ca9f11746ec0
- SHA256
  
  0d01c5d7b0b2395f50ddd89992c82c7036b032c5111ee889b419914051376762
- SHA512
  
  bb2835a031417eeec23f44f98df4e213225afafcf3c9b314447b14e1eabd108b80c8f0802d14394edf20c2a0a8a137f9940bba48c8cab8735514951d795d9bc5
- SSDEEP
  
  384:rtCYciKwySyymAIYiI95+EX4RAM+o/8E9VF0NyCqE:rFc0ySyymJYiI7+dRAMxkE
Score

8^/10
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1