e5c39ac59199c5b5a6df47f3bb3a2e6eec2ec8b15b556de2086bd0187c6edcb3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

017a951c19ca633ac332f7737497434f
Size

313KB
Sample

231224-ry7dcsaeg9
MD5

017a951c19ca633ac332f7737497434f
SHA1

da6652947282770608d507857e637371658edffb
SHA256

e5c39ac59199c5b5a6df47f3bb3a2e6eec2ec8b15b556de2086bd0187c6edcb3
SHA512

44c6c793d34f5c119d47d33d640aec6b8d78918cc845b21fa24d29426ce968f8fb56a95df6722d422cb6c4536cae4bbc32a4709b65c320b8c7c37ee6068822aa
SSDEEP

6144:jr/HSjn3r7pb0D2tY4fPQvQrhOgaaCNXtKrmXWgfE+WueNfqYDr5Gx:XyjnbOD2qvcOgaNNAitf1zehzP

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  017a951c19ca633ac332f7737497434f
- Size
  
  313KB
- MD5
  
  017a951c19ca633ac332f7737497434f
- SHA1
  
  da6652947282770608d507857e637371658edffb
- SHA256
  
  e5c39ac59199c5b5a6df47f3bb3a2e6eec2ec8b15b556de2086bd0187c6edcb3
- SHA512
  
  44c6c793d34f5c119d47d33d640aec6b8d78918cc845b21fa24d29426ce968f8fb56a95df6722d422cb6c4536cae4bbc32a4709b65c320b8c7c37ee6068822aa
- SSDEEP
  
  6144:jr/HSjn3r7pb0D2tY4fPQvQrhOgaaCNXtKrmXWgfE+WueNfqYDr5Gx:XyjnbOD2qvcOgaNNAitf1zehzP
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2