75a353630a2c74cc54eb794cea533372d27d0642fb936a3b6930e81d86555fa6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d642294b728d2b2537a62fa0124da46bc209392ae63a6f5e26ac2e1b4797e44.exe.zip
Size

12.0MB
Sample

231031-rcg7cabb78
MD5

c3c1b2a77b7d1270cd825df050f3cd72
SHA1

60539864ba4bad0084dc6073e5332e8be07236a3
SHA256

75a353630a2c74cc54eb794cea533372d27d0642fb936a3b6930e81d86555fa6
SHA512

c558138965922938c85794d7cd26e3fe5d27869b2253826df06b9ad3b31cd1f4a64ad36892fbc54e3c514df22cbdd7546a4b4b302e28e9476753233a39895016
SSDEEP

393216:hO713+xkfzhj7TiFhJjNfp4jbz8FT+VN+Az:6139V7TINx04dSgY

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  5d642294b728d2b2537a62fa0124da46bc209392ae63a6f5e26ac2e1b4797e44.exe
- Size
  
  12.1MB
- MD5
  
  5aadb2fa66c318fab8525f574575fbe1
- SHA1
  
  9a453613cf353ede2aa3ab8c093506384a2a9592
- SHA256
  
  5d642294b728d2b2537a62fa0124da46bc209392ae63a6f5e26ac2e1b4797e44
- SHA512
  
  3fa9edd79db5e16e56c4b92f2060dca40b7c9634f6771ca77a7f950c9b1b8075f3dfe193a809e2998fe612bd92ae959be235b302c30d3308a40479212252febe
- SSDEEP
  
  393216:/rMT04PE9999999BD0DyvYbclJVVYCgz:IQ4PE9999999BDgyviahYC
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2