d1270116934f9d409eca8c0d60894eb37010595b14f27849805a1f2fd5841d11 | Triage

Sharing

General

Target

b0eed39eab78fb0ea24361f566c2dba140c21a532e75a1e3367292e142064cd0.msi.zip
Size

1.1MB
Sample

231102-2vhwpsgf5x
MD5

229c8a4ec3003135f08b656d5f1fd0eb
SHA1

3242a8a013c1e9c9caad071b1aacce05c3054a5a
SHA256

d1270116934f9d409eca8c0d60894eb37010595b14f27849805a1f2fd5841d11
SHA512

a22563db50453bf8927c03967c5b57535e7bebca250a3a04f96f3a4cbc54155abf441b04bd2fa7e8880afeb10c8954c5c053ac915e0328945aad84ae5ad85138
SSDEEP

24576:LSp+2oGJwfzjpyvR6m7o9MJ58X387naXxKsTo+236YJZVWo7k8Go51mjD:LvP8gmFz8nmnS1P+J6ITmX

Score

6^/10

Malware Config

Targets

- Target
  
  b0eed39eab78fb0ea24361f566c2dba140c21a532e75a1e3367292e142064cd0.msi
- Size
  
  3.0MB
- MD5
  
  9126abcb987ba4d41fa7366d83609f6c
- SHA1
  
  243738506d4f4974199781456d013570ed03cfc1
- SHA256
  
  b0eed39eab78fb0ea24361f566c2dba140c21a532e75a1e3367292e142064cd0
- SHA512
  
  76830fffd2a3917364b035304352cd439fcf0abdde677e8183c7d504c01ec140230d7804936c853cd2b31bb4e2c7108e649d00cbc14fd41bce254b5e96d096cd
- SSDEEP
  
  24576:oMsdO19PpLg01MoAiJSu4342HdtHm3PrsdSjPVNH/cyYhsAVYCcsl8msE7euSiF:oMsd0PpM01/J7uVHKsQnfbAVYjqWiF
Score

6^/10
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2