9b52a186182a138522a656be7cab6dca0bd2b5662944aa1a990fa656243c599a | Triage

Sharing

General

Target

588d3cf5f6e2dfeea6d5c82849f9d35ae3afa583160018e8c0a3f8a6fe8deee4.exe.zip
Size

57.5MB
Sample

231231-cb7chsaaan
MD5

13c2ddafb73b8cd0abc0870f36bb5842
SHA1

345f49654ff1330f8d7168e13f3288ab2282349c
SHA256

9b52a186182a138522a656be7cab6dca0bd2b5662944aa1a990fa656243c599a
SHA512

923dc764d63764818628e38ea835ce13b473d675fd4b04346649c2526ec8580b47e818f2ed05c5296ac2c293c839dfd8081f3edc1e5274179f56d645422fab47
SSDEEP

1572864:TxMJaSkiCZsU8df32YcK8zNolX/cHWgKxC5/cyyUgqj/TpTvcG:1kCZsjv8zNs/dxCpPrjlTvcG

Score

9^/10

Malware Config

Targets

- Target
  
  588d3cf5f6e2dfeea6d5c82849f9d35ae3afa583160018e8c0a3f8a6fe8deee4.exe
- Size
  
  58.1MB
- MD5
  
  2c0e631815c43c426990837a3eb6a64c
- SHA1
  
  e635bfcde96106c15781fbbf8b4212c3da547025
- SHA256
  
  588d3cf5f6e2dfeea6d5c82849f9d35ae3afa583160018e8c0a3f8a6fe8deee4
- SHA512
  
  72b0f9410af3fc4c75eb003d19e07db4228922b4bef173a6face1d4f4d9a666f38bbe7920b0759c5e9f053901c90b7167d7b3d4eb09607106f764059654c3069
- SSDEEP
  
  1572864:R7KtQ4RVxPQVr+8+o9hLeypNKFj6mUqHYJG:R7Kt2rAyHAj6mUY+
Score

9^/10
- Detect jar appended to MSI
- Executes dropped EXE
- Loads dropped DLL
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2