ca5ad8ed93eb896a14b62ca531bafae3d33cac7234f0d0a05f5dbe888b9d12c4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ee7104bcd2faaf2c6a466e52199463039ed73fb8de856e9b0d571915b74e15e9.exe.zip
Size

7.0MB
Sample

231031-q9el2sah74
MD5

973adbb01c50f5bf0044e21689c10a98
SHA1

276228314d92224c940f2a88260d243594450e72
SHA256

ca5ad8ed93eb896a14b62ca531bafae3d33cac7234f0d0a05f5dbe888b9d12c4
SHA512

22cb670c44a6824714e88f578e08d8d52f2819f1c6f74dc9edb01fff9ff423d97d78c7b63e4e67c22760bfaa0d6e8a9d0e36bfa3c256605f34363fd1f23d0a2f
SSDEEP

196608:4MY+XHDFTaCIY3V2WUGZZciwafBDaQgGee4dX:4yDF4YOGrwafBDIy41

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  ee7104bcd2faaf2c6a466e52199463039ed73fb8de856e9b0d571915b74e15e9.exe
- Size
  
  7.0MB
- MD5
  
  fdf7ad31c9f76d711e9f8532062e4ab4
- SHA1
  
  b0ddea7bfb8d9eb4f6c5d36416b3092dcf604e2f
- SHA256
  
  ee7104bcd2faaf2c6a466e52199463039ed73fb8de856e9b0d571915b74e15e9
- SHA512
  
  431954dda606caea8fdf0cde34e2a34e91b834c5fb53616897ccbb5cf77e378af3fbda990be6ec493eeebbe2586466eacd25a813c3a8a1a1805d1937d69fd3da
- SSDEEP
  
  196608:hZYwZl+XfRjp9mZBw9999999JwY9K69996GNfl+7p1VC2UkM:hhlu9mZu9999999JN9K6999dL+1tM
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2