df20de3a34c4b039313c34f4e6b5239c731caf6abbeab299c026650e31eaaba8 | Triage

Sharing

General

Target

34caf36645a8c7becb98e64af108eb1691a952cc2efc57a55e90530bd52a858c.exe.zip
Size

3.3MB
Sample

231031-q37dgsgd91
MD5

0270f5e8eaacdfbdc3faa549d022190d
SHA1

e2031b4605728797501ab34d508631a0a431e291
SHA256

df20de3a34c4b039313c34f4e6b5239c731caf6abbeab299c026650e31eaaba8
SHA512

a485ada673b656b3d4c2ac1307edf2e3e1fb3946162e557c1fe889204236f5327cf1ff70114b3d8fdfd88a115586baddbfec4f1180511b19fc5accd626027da4
SSDEEP

98304:qzz9bp/hgnsX1KUKZhCLawM2FDuf3UvH9:KhgsX1KZZwMeyfI9

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  34caf36645a8c7becb98e64af108eb1691a952cc2efc57a55e90530bd52a858c.exe
- Size
  
  3.3MB
- MD5
  
  f96e3442a8699d9014a31091484b44d4
- SHA1
  
  6d1a74404dde4bf2cb352164df93d5a2ddf12386
- SHA256
  
  34caf36645a8c7becb98e64af108eb1691a952cc2efc57a55e90530bd52a858c
- SHA512
  
  02ad199440d259a98e9892ac43825c745a142421afde951a95c70ec435e9a6df321e4d12a6ea36f981f35eec2e4e34abc38746ea6e26109de3e32e725c82da94
- SSDEEP
  
  49152:/zeqaA8fG9XnjS6OnXds7aMdc1otuL8wRswq8LxS2TLJ9f8KywtrE3NYUxGC5BU7:b5gUVOXdP+c1EuzPLxNJywtgdExIUk0
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2