4d4099dce2b54a5f24102b31c929e178f127bb29b815fc99d135ee09df3b49e0 | Triage

Sharing

General

Target

4d4099dce2b54a5f24102b31c929e178f127bb29b815fc99d135ee09df3b49e0
Size

2.9MB
Sample

231122-epp2haaa76
MD5

3a7c74b87bb61d6d49081279f27961f0
SHA1

d42f28f20d92f0b78eca9091731ce70c6ae6bb39
SHA256

4d4099dce2b54a5f24102b31c929e178f127bb29b815fc99d135ee09df3b49e0
SHA512

f99f7b0432fd06b2fe8b6025b2ef3a2e2ebe8e90f82e58cfb9dd7dc8ca311bf22eed8476157df7a5b8ca00b9f66f4d4d0f4598492f7aa4316e4dd16cf1fb35c3
SSDEEP

49152:A1zSZArgfNNUdnmienLW84qo31SJLwd8mPpc1l:AYAryNGdnmnL7oEJMdnhc1l

Score

7^/10

Malware Config

Targets

- Target
  
  4d4099dce2b54a5f24102b31c929e178f127bb29b815fc99d135ee09df3b49e0
- Size
  
  2.9MB
- MD5
  
  3a7c74b87bb61d6d49081279f27961f0
- SHA1
  
  d42f28f20d92f0b78eca9091731ce70c6ae6bb39
- SHA256
  
  4d4099dce2b54a5f24102b31c929e178f127bb29b815fc99d135ee09df3b49e0
- SHA512
  
  f99f7b0432fd06b2fe8b6025b2ef3a2e2ebe8e90f82e58cfb9dd7dc8ca311bf22eed8476157df7a5b8ca00b9f66f4d4d0f4598492f7aa4316e4dd16cf1fb35c3
- SSDEEP
  
  49152:A1zSZArgfNNUdnmienLW84qo31SJLwd8mPpc1l:AYAryNGdnmnL7oEJMdnhc1l
Score

7^/10
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2