2474ad07aebb590b59fd4f3c97f121047c56d229748ab8b5b52fc61d72ea7d02 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2474ad07aebb590b59fd4f3c97f121047c56d229748ab8b5b52fc61d72ea7d02
Size

2.9MB
Sample

231010-31z8lsbb98
MD5

d818d44833c8555b777d524a9c7c22db
SHA1

a0429205f99e595f9d959cdc31165d2beed092af
SHA256

2474ad07aebb590b59fd4f3c97f121047c56d229748ab8b5b52fc61d72ea7d02
SHA512

d31d763e92c76cb1e7293368576e3dc038fb94c823deeec79e842efe04e398e239a598cc6ff69a5a37c2b6ae86ac22e8de1e736fc6a8e4c578cb83a740879566
SSDEEP

49152:AkMyp+Cq99LyHHI+t6O8N+ailEy6dmpzeioK2enVzG1nky6:AkMyE0oAaldmdmnp6

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  2474ad07aebb590b59fd4f3c97f121047c56d229748ab8b5b52fc61d72ea7d02
- Size
  
  2.9MB
- MD5
  
  d818d44833c8555b777d524a9c7c22db
- SHA1
  
  a0429205f99e595f9d959cdc31165d2beed092af
- SHA256
  
  2474ad07aebb590b59fd4f3c97f121047c56d229748ab8b5b52fc61d72ea7d02
- SHA512
  
  d31d763e92c76cb1e7293368576e3dc038fb94c823deeec79e842efe04e398e239a598cc6ff69a5a37c2b6ae86ac22e8de1e736fc6a8e4c578cb83a740879566
- SSDEEP
  
  49152:AkMyp+Cq99LyHHI+t6O8N+ailEy6dmpzeioK2enVzG1nky6:AkMyE0oAaldmdmnp6
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2