4cb38b3310f986a2d3ab7886031afbb3b4791cdf5e5e99afbf9171a798c32a8e | Triage

Sharing

General

Target

9c110c0426f4e75f4384a527f0abe2232fe71f2968eb91278b16b200537d3161.exe.zip
Size

2.5MB
Sample

231002-nvex6abd45
MD5

b3ae86d023eccdbb6c5ff686b1dab7e3
SHA1

dabe41582f2cec50a94d524d218a9188062abdfa
SHA256

4cb38b3310f986a2d3ab7886031afbb3b4791cdf5e5e99afbf9171a798c32a8e
SHA512

191b0e07342c81a7a7799f2fee7192e192569ba00f495cf2f1dd2e8bce209dde8f667c555a1d982e3f02053c5285f80e2f130de835a79a59c6b850e67cbb68cb
SSDEEP

49152:Uvn/ieM0ajcf8MuC6hkuvOlSe3DEhBtn0vxV79pJILjgAgfaaL0wUKv:UGcpQe490vX7bC8xL0i

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  9c110c0426f4e75f4384a527f0abe2232fe71f2968eb91278b16b200537d3161.exe
- Size
  
  2.6MB
- MD5
  
  1f8e9fec647700b21d45e6cda97c39b7
- SHA1
  
  037288ee51553f84498ae4873c357d367d1a3667
- SHA256
  
  9c110c0426f4e75f4384a527f0abe2232fe71f2968eb91278b16b200537d3161
- SHA512
  
  42f6ca3456951f3e85024444e513f424add6eda9f4807bf84c91dc8ccb623be6a8e83dc40a8b6a1bc2c6fd080f2c51b719ead1422e9d1c1079795ec70953a1ad
- SSDEEP
  
  49152:IJFEcHcHfnIpvSUxuB4vkjfCSfil3ObWcrJhxSkm6Fo4Ea0g/I2Pz7citcU7tmLq:S2c8gfd87CQgu9xNpW4t/Ic7csd7t0q
Score

7^/10

persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2