0e8e168c9bd7bf0abb03cb388e069e0050b77b2de95ca217c12e174980538b3d | Triage

Sharing

General

Target

eraz0r.dll
Size

12.6MB
Sample

231029-3xpbyabf86
MD5

1a460374f370ef58c3b769d56f38b50b
SHA1

0dcd6b1b7db59d26bbab1ccf6930b7654477ebbe
SHA256

0e8e168c9bd7bf0abb03cb388e069e0050b77b2de95ca217c12e174980538b3d
SHA512

e2a1c37444ea8cc7c7cd20368250aee42c18160b4016d7bd4b380e41f36b3d58efa9609bf5b151b43728b6f7fad3ff65700f5b798286873c941c6067dd854961
SSDEEP

98304:CcDTwXlUKj57xHAe/JyS1DOlRomRQvPMaQQBtVD/EmYESD8G+JKBdK9/TToGFXob:CblUWNOlRomRQvPMa2+JB2

Score

8^/10

Malware Config

Targets

- Target
  
  eraz0r.dll
- Size
  
  12.6MB
- MD5
  
  1a460374f370ef58c3b769d56f38b50b
- SHA1
  
  0dcd6b1b7db59d26bbab1ccf6930b7654477ebbe
- SHA256
  
  0e8e168c9bd7bf0abb03cb388e069e0050b77b2de95ca217c12e174980538b3d
- SHA512
  
  e2a1c37444ea8cc7c7cd20368250aee42c18160b4016d7bd4b380e41f36b3d58efa9609bf5b151b43728b6f7fad3ff65700f5b798286873c941c6067dd854961
- SSDEEP
  
  98304:CcDTwXlUKj57xHAe/JyS1DOlRomRQvPMaQQBtVD/EmYESD8G+JKBdK9/TToGFXob:CblUWNOlRomRQvPMa2+JB2
Score

8^/10
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2