1828e2df0ad76ea503af7206447e40482669bb25624a60b0f77743cd70f819f6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

wintask.exe
Size

1.3MB
Sample

230921-gftz7sfe87
MD5

d716b5f8425bc84dcf06cb517f03c977
SHA1

e407eaf1b86f23ea97285f5cc1365149c7a55d8c
SHA256

1828e2df0ad76ea503af7206447e40482669bb25624a60b0f77743cd70f819f6
SHA512

bbc84fb48728bba943bdfb3a3605b4e815a35c4646a5b56a3a5f6573be0c7dfc030363f052c3c38b5f609e2349495b044a93a81d2ff5b3132adc5ba96f178af7
SSDEEP

24576:DB7oWvLR21bbgJMIkSV9Jmc7ljVIH06iyb:DB5vLRAbbJIkS/z7XIU6iA

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  wintask.exe
- Size
  
  1.3MB
- MD5
  
  d716b5f8425bc84dcf06cb517f03c977
- SHA1
  
  e407eaf1b86f23ea97285f5cc1365149c7a55d8c
- SHA256
  
  1828e2df0ad76ea503af7206447e40482669bb25624a60b0f77743cd70f819f6
- SHA512
  
  bbc84fb48728bba943bdfb3a3605b4e815a35c4646a5b56a3a5f6573be0c7dfc030363f052c3c38b5f609e2349495b044a93a81d2ff5b3132adc5ba96f178af7
- SSDEEP
  
  24576:DB7oWvLR21bbgJMIkSV9Jmc7ljVIH06iyb:DB5vLRAbbJIkS/z7XIU6iA
Score

6^/10

discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2