4b89e56d6960e7be79e9e1928295f82b95cffa8fcaab2d18575c5cd4b57cbf89 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4b89e56d6960e7be79e9e1928295f82b95cffa8fcaab2d18575c5cd4b57cbf89
Size

3.4MB
Sample

231007-xg2z7sha23
MD5

a2da040e3197cfa340ddf3c302a217d7
SHA1

44c150b24ec906d2cb17ffbe55f2aaa7dffd902b
SHA256

4b89e56d6960e7be79e9e1928295f82b95cffa8fcaab2d18575c5cd4b57cbf89
SHA512

76e8fc832b48d4ee06d718c5cadb755717312940a74c55af7ed7a1abbdd114e72c3efb2495f338f025c8a78f8450ba40b05b06013a6dea15cc162e5291c45c1e
SSDEEP

49152:D7TvfU+8X9GrNOsva5RbKhF3ANkTTlK3S7IxH6Vvcvxzidsu:Q+8X9G3vP3AMRkx2kvFiH

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  4b89e56d6960e7be79e9e1928295f82b95cffa8fcaab2d18575c5cd4b57cbf89
- Size
  
  3.4MB
- MD5
  
  a2da040e3197cfa340ddf3c302a217d7
- SHA1
  
  44c150b24ec906d2cb17ffbe55f2aaa7dffd902b
- SHA256
  
  4b89e56d6960e7be79e9e1928295f82b95cffa8fcaab2d18575c5cd4b57cbf89
- SHA512
  
  76e8fc832b48d4ee06d718c5cadb755717312940a74c55af7ed7a1abbdd114e72c3efb2495f338f025c8a78f8450ba40b05b06013a6dea15cc162e5291c45c1e
- SSDEEP
  
  49152:D7TvfU+8X9GrNOsva5RbKhF3ANkTTlK3S7IxH6Vvcvxzidsu:Q+8X9G3vP3AMRkx2kvFiH
Score

8^/10

persistence
- Modifies Installed Components in the registry
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2