10ce2e8acee9f7af7038b41d2752f52c1a6fb80bc6e14903509e2a1994ffbb15 | Triage

Sharing

General

Target

ACTU4GBJ4DAXWGSB3_727044.ZIP
Size

2.3MB
Sample

231108-e5qyqsfb65
MD5

78356cd98d262d5a404d5e49275ebd6d
SHA1

2ef997817f8752f5325db091a5b350de9e179b13
SHA256

10ce2e8acee9f7af7038b41d2752f52c1a6fb80bc6e14903509e2a1994ffbb15
SHA512

b494dac613872a564ac8a97a582c4fa6ececbd9ea93b3f654c9f609b09803fa5ac1c9d7ac480b06909492e32af8bdc5d1dfccebb11ee6a7df76fb73fd2ac3e85
SSDEEP

49152:wp8de5R7HGIQ4+kzB9+4q58W5MzRAEcLjqJhSyuyOQeVFJOwY:KeoR7HGTJ4fKGW5qAfLeBuynmJw

Score

7^/10

Malware Config

Targets

- Target
  
  ACTU4GBJ4DAXWGSB7.MSI
- Size
  
  5.9MB
- MD5
  
  9dbfb65e2d34af208ca5d1b8db1fdaa6
- SHA1
  
  f9153d65196fa951337662606f796d9a752abca0
- SHA256
  
  88512a879e350ef8f908800464f9208bf4e96c9b9ff3678398d0e0d61c25e5e4
- SHA512
  
  c6ccb91943beb4cded8a20ae57f950468d0f58bc5af2c2af5143e6b2fc2bf814d3b19e358f109ab51d530661326b2cf1edc121177edb75590c9b2be9d9e7b962
- SSDEEP
  
  98304:ZgxJju1fuu8KmLl90bm/d4zHmPuolXxqcCLXo0:Z0uZuu8KhEqH4oLo
Score

7^/10
- Loads dropped DLL
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1