fe6b3f3d68776b2be6555eb82565c948b64a8ab9b9b566e5a6fa34c33eb190d7 | Triage

Sharing

General

Target

4f0dda013891cb54e2bdbfc766b4815632acd8717e40834c284ff5f52e7c380b.exe.zip
Size

17.2MB
Sample

231031-rbae4shb2v
MD5

03abb760233c093a317e2948d5d4d726
SHA1

4433af62d5c70acd4fe3aca726e256d7ee1c3bcf
SHA256

fe6b3f3d68776b2be6555eb82565c948b64a8ab9b9b566e5a6fa34c33eb190d7
SHA512

eeecb346332164afe33cf77d5ac8e9fb1aa7a894a9edb4dd68f3c8f73b1f952c0b75766583771be559068aa6c30a9fc9830c89d9ca848e15314b50a7d38fc394
SSDEEP

393216:ulUe16kVZ83HmHtImtGGT+WFYdQmmZKq1bvC:Oz16IZ8EtGGT+WFYdQmmM6vC

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  4f0dda013891cb54e2bdbfc766b4815632acd8717e40834c284ff5f52e7c380b.exe
- Size
  
  17.2MB
- MD5
  
  3a431ad03ffe53aa02fea1a7a168330f
- SHA1
  
  9f3d6cf63b5fc071591291720d49d78afa9e14fe
- SHA256
  
  4f0dda013891cb54e2bdbfc766b4815632acd8717e40834c284ff5f52e7c380b
- SHA512
  
  1b77ee1df34f5c84fcbe8dbb0c8785ac47188cd2b87e9ed9956278c3b47056aa8b2c89ac940a9915d789337192e943c3795f6170429ea201107b9acf94efcff9
- SSDEEP
  
  393216:sYs7hvMmW5HiLg9999999a6WI6jV9ALHeBbMDbqP49yMK4FLwGtq4nQLpI:Ahv7WNi89999999aFRjV9AzKbMXyMKW1
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2