ed24ba6fee10622c456acfb0c74bbc4505c724fb21f82bbfb2a2a1835216f42f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ed24ba6fee10622c456acfb0c74bbc4505c724fb21f82bbfb2a2a1835216f42f
Size

2.6MB
Sample

231010-2mjs2ahh92
MD5

e41b4d7da2a6cf2573413b8bb12d7051
SHA1

d863203e29502e2b53eb78700bc3c92b58e9ae4b
SHA256

ed24ba6fee10622c456acfb0c74bbc4505c724fb21f82bbfb2a2a1835216f42f
SHA512

c6fae992ee66ea1a05a53732fc0628ca23614817347b34181f5f15c6174d5bac3f6dd5798329e35c4661535d450148971e0f4c402c922cc05858b7deb213b949
SSDEEP

49152:D7TvfU+8X9GrNOsva5RbKhF3ANkTTl5lgrHnhMn5m2BAtpG7JxC4:Q+8X9G3vP3AMvlg7nrltpx4

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  ed24ba6fee10622c456acfb0c74bbc4505c724fb21f82bbfb2a2a1835216f42f
- Size
  
  2.6MB
- MD5
  
  e41b4d7da2a6cf2573413b8bb12d7051
- SHA1
  
  d863203e29502e2b53eb78700bc3c92b58e9ae4b
- SHA256
  
  ed24ba6fee10622c456acfb0c74bbc4505c724fb21f82bbfb2a2a1835216f42f
- SHA512
  
  c6fae992ee66ea1a05a53732fc0628ca23614817347b34181f5f15c6174d5bac3f6dd5798329e35c4661535d450148971e0f4c402c922cc05858b7deb213b949
- SSDEEP
  
  49152:D7TvfU+8X9GrNOsva5RbKhF3ANkTTl5lgrHnhMn5m2BAtpG7JxC4:Q+8X9G3vP3AMvlg7nrltpx4
Score

8^/10

persistence
- Modifies Installed Components in the registry
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2