556b51b8c2e2516235372629d158d6a10e11e4fcbb8e4fa67a3f5a5a54846f08 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

556b51b8c2e2516235372629d158d6a10e11e4fcbb8e4fa67a3f5a5a54846f08_JC.msi
Size

1.5MB
Sample

231011-2kjegshb8s
MD5

daba6863275095fb07eece679c8bf098
SHA1

a5506ef0b0998abcb935633c8b1ebeddbc324769
SHA256

556b51b8c2e2516235372629d158d6a10e11e4fcbb8e4fa67a3f5a5a54846f08
SHA512

254e4f2c26893c9b8a97a29126c975c374380f4738605c8cebd8bb537a18a0f85ba871e650a33c54564154584a5ca1f18e708a9f7a9f6dd13c663990b136ff57
SSDEEP

24576:QJcLlYOINVUuD6yS1wGbXpsHzCsalfLK/hVfAmDX8qrJrKPyVqmY1:vLlYO+UuD6ySaGbX+H9a9+hVfA4X84po

Score

7^/10

Malware Config

Targets

- Target
  
  556b51b8c2e2516235372629d158d6a10e11e4fcbb8e4fa67a3f5a5a54846f08_JC.msi
- Size
  
  1.5MB
- MD5
  
  daba6863275095fb07eece679c8bf098
- SHA1
  
  a5506ef0b0998abcb935633c8b1ebeddbc324769
- SHA256
  
  556b51b8c2e2516235372629d158d6a10e11e4fcbb8e4fa67a3f5a5a54846f08
- SHA512
  
  254e4f2c26893c9b8a97a29126c975c374380f4738605c8cebd8bb537a18a0f85ba871e650a33c54564154584a5ca1f18e708a9f7a9f6dd13c663990b136ff57
- SSDEEP
  
  24576:QJcLlYOINVUuD6yS1wGbXpsHzCsalfLK/hVfAmDX8qrJrKPyVqmY1:vLlYO+UuD6ySaGbX+H9a9+hVfA4X84po
Score

7^/10
- Loads dropped DLL
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2