6e2db7f9da04c8a2263cf70daee48ed9265cc83f0994502eb60a0ad6e56f7833 | Triage

Sharing

General

Target

e345e8e462ee504d5d3df689a0793ba69a3109afe33d80bcdf8c622fbc1aae8b.exe.zip
Size

2.5MB
Sample

231002-nwv1rshg2t
MD5

cd06058dd2818044f2aeeea901987786
SHA1

2b5f755224f1067a59bf7481abc1d73e11098e0c
SHA256

6e2db7f9da04c8a2263cf70daee48ed9265cc83f0994502eb60a0ad6e56f7833
SHA512

76cbd8bf770c62e2e27f86b3980d1203969818672557b9edd4250b2263f444867766a993640e5ebf7f03151213aa5882c3c81f822ee6aaffb26911af43634323
SSDEEP

49152:G2Dt3ZyrY4UN9CMJsvpj/FMfLqbe2KiV0HJtmJYKVV8:GCQtM9CVx/ALqSiVCtqNVV8

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  e345e8e462ee504d5d3df689a0793ba69a3109afe33d80bcdf8c622fbc1aae8b.exe
- Size
  
  2.6MB
- MD5
  
  ba623f4564d86cdb7210f8de5303c12b
- SHA1
  
  3badcd6e356c9511ad2e71010fa4684954091e09
- SHA256
  
  e345e8e462ee504d5d3df689a0793ba69a3109afe33d80bcdf8c622fbc1aae8b
- SHA512
  
  83bd63f865496858c46ae821fc5707411c8eb082a2cf3b8d1614602f2246b278199ab97c02e531e84d3c3ad3f716ce2fc20d4533da16fc1608cc0ae34ce0922f
- SSDEEP
  
  49152:w7lteySYxCTKDTcVFwpleQK7R0KbbV+OOFMob6Ndu/OnEbGJRbTWa+PN9ZvzR:w7ltey3CO0V+iRT1nOdb6y/e/jHz+PNt
Score

7^/10

persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2