58db3b5beb856b42c39257228281af6f67e314c41cf6bf1e38a74e0b1b50e200 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ARCHIVO_MAIL_PDF.1699921434.zip
Size

120KB
Sample

231114-a5cnwsgc35
MD5

b3fb5590755b2032f954a9d6a2215565
SHA1

303bf5c71a6e9f98407ef4fb63c87aeb787a33b2
SHA256

58db3b5beb856b42c39257228281af6f67e314c41cf6bf1e38a74e0b1b50e200
SHA512

27239949fb6f96e0e4c85f9372c90c577a94fefce078d00c919f342fb2db8e11e74e34b806f709af4848ef11ccabf769d3aa6865311b5d11a4cb9e3297119f1a
SSDEEP

3072:uhwOJgd4DcV3XAKJryThZHtvdUUIjsM0wQUOoZ3:FOJk4g3bJryThZHAZjv0wQUxR

Score

7^/10

Malware Config

Targets

- Target
  
  MAIL_PDF6552b.msi
- Size
  
  259KB
- MD5
  
  8ddd45c83132ac208e0ef477ef03e062
- SHA1
  
  d76d93d32266e9ab3b1be5a6ccc9717494625f45
- SHA256
  
  0f686c4b87b47473bedd697cec0dfeb593189e26a5a50693480e1dd9a7ace451
- SHA512
  
  7384652a956082bfe1289947638f84b2fc68fd582c53c197d4dfeba096f8c4b30dd749dcaa8a7d05257272878ab9dca603a840a72572326acf89725287111f86
- SSDEEP
  
  3072:JPwIe993DQY5ACU6ij4qpXqnnDibAJBVkvMcB3RUN46ILJ9+ZB5yOanVY:JoI03DQY5ACTqp4nwEXrWY
Score

7^/10
- Loads dropped DLL
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1