49cc32e025025289d13ea7b0c0f89be3536153eda194c4010cdae58e9f86252f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49cc32e025025289d13ea7b0c0f89be3536153eda194c4010cdae58e9f86252f
Size

3.5MB
Sample

231022-hkjkpsdf4v
MD5

a68e898200bb0c9e78cec46351b8f6f6
SHA1

d6b5623efdb53a557509abd6a6894a8faaa4f486
SHA256

49cc32e025025289d13ea7b0c0f89be3536153eda194c4010cdae58e9f86252f
SHA512

9f7fd70dae87c4f3d11e3dcc86ffbd3c77a7ed89f27499d72749a645becad546455292da0a590e57241cae4436af96d34efea9706d3817e72895f6e47de83af7
SSDEEP

49152:D7TvfU+8X9GrNOsva5RbKhF3ANkTTlXeYVnmpHgZ0TcN:Q+8X9G3vP3AMFeYsBgZ0YN

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  49cc32e025025289d13ea7b0c0f89be3536153eda194c4010cdae58e9f86252f
- Size
  
  3.5MB
- MD5
  
  a68e898200bb0c9e78cec46351b8f6f6
- SHA1
  
  d6b5623efdb53a557509abd6a6894a8faaa4f486
- SHA256
  
  49cc32e025025289d13ea7b0c0f89be3536153eda194c4010cdae58e9f86252f
- SHA512
  
  9f7fd70dae87c4f3d11e3dcc86ffbd3c77a7ed89f27499d72749a645becad546455292da0a590e57241cae4436af96d34efea9706d3817e72895f6e47de83af7
- SSDEEP
  
  49152:D7TvfU+8X9GrNOsva5RbKhF3ANkTTlXeYVnmpHgZ0TcN:Q+8X9G3vP3AMFeYsBgZ0YN
Score

8^/10

persistence
- Modifies Installed Components in the registry
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2