b029b40badab029cbd916ab2e5147e9f01abd147e1bf9e5ed1564ee44a0d087f | Triage

Sharing

General

Target

b029b40badab029cbd916ab2e5147e9f01abd147e1bf9e5ed1564ee44a0d087f_JC.msi
Size

3.4MB
Sample

231011-nc372aba5v
MD5

5d9e72d1e3a99bec71fad561fa95037c
SHA1

fbc94c649ba3d8bb6c7e1d98e7fdeea40cd395b2
SHA256

b029b40badab029cbd916ab2e5147e9f01abd147e1bf9e5ed1564ee44a0d087f
SHA512

8d0311d94a0de8646ec2733530a2db7d2c6e2b03f54e54ac0bc84538a636fe8211e6a582530d9ea8cd02ba08e259d778498d6f29e6744ba45f434d2a87874c97
SSDEEP

49152:E6rGohlj9szAlopTyWD57kEv53rw6cvOlM3w99xYF/gr/QaTdxKJWNYCILZ:qoSTyqk7vvO8Q9xU/w/QPOI9

Score

8^/10

Malware Config

Targets

- Target
  
  b029b40badab029cbd916ab2e5147e9f01abd147e1bf9e5ed1564ee44a0d087f_JC.msi
- Size
  
  3.4MB
- MD5
  
  5d9e72d1e3a99bec71fad561fa95037c
- SHA1
  
  fbc94c649ba3d8bb6c7e1d98e7fdeea40cd395b2
- SHA256
  
  b029b40badab029cbd916ab2e5147e9f01abd147e1bf9e5ed1564ee44a0d087f
- SHA512
  
  8d0311d94a0de8646ec2733530a2db7d2c6e2b03f54e54ac0bc84538a636fe8211e6a582530d9ea8cd02ba08e259d778498d6f29e6744ba45f434d2a87874c97
- SSDEEP
  
  49152:E6rGohlj9szAlopTyWD57kEv53rw6cvOlM3w99xYF/gr/QaTdxKJWNYCILZ:qoSTyqk7vvO8Q9xU/w/QPOI9
Score

8^/10
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2