c101d2ba561f6f3d1486382f63d0ad680fc13df42abd63d8240022b43213265f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c101d2ba561f6f3d1486382f63d0ad680fc13df42abd63d8240022b43213265f
Size

2.8MB
Sample

231031-leqnlsfb8t
MD5

b6e2b77ea8b15eafb4dbd7f7fb61357e
SHA1

d3c0afe07ad32dd056b8d479b5d2eb50cc2979f2
SHA256

c101d2ba561f6f3d1486382f63d0ad680fc13df42abd63d8240022b43213265f
SHA512

68be66405ad2c25bc2a3c7696efb0dd4c6b385bc4a8f1c51cb27db279b39363d3290204f00a6e9ffec2c1eda9f43311a277db9de3f1b6e508c0a5afa29c782d4
SSDEEP

49152:H7TvfU+8X9GrNOsva5RbKhF3ANkTTlvw+rptEhS0nyixWr:c+8X9G3vP3AMxlSS0n/i

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  c101d2ba561f6f3d1486382f63d0ad680fc13df42abd63d8240022b43213265f
- Size
  
  2.8MB
- MD5
  
  b6e2b77ea8b15eafb4dbd7f7fb61357e
- SHA1
  
  d3c0afe07ad32dd056b8d479b5d2eb50cc2979f2
- SHA256
  
  c101d2ba561f6f3d1486382f63d0ad680fc13df42abd63d8240022b43213265f
- SHA512
  
  68be66405ad2c25bc2a3c7696efb0dd4c6b385bc4a8f1c51cb27db279b39363d3290204f00a6e9ffec2c1eda9f43311a277db9de3f1b6e508c0a5afa29c782d4
- SSDEEP
  
  49152:H7TvfU+8X9GrNOsva5RbKhF3ANkTTlvw+rptEhS0nyixWr:c+8X9G3vP3AMxlSS0n/i
Score

8^/10

persistence
- Modifies Installed Components in the registry
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2