a4d931fbb00fb0fffa918d55fbf07ecd0d7cde4aa50cdfb090219be511984eb7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3c237aefeb4f8142e3620896878b6143.exe
Size

72KB
Sample

240106-mngbzafcd8
MD5

3c237aefeb4f8142e3620896878b6143
SHA1

285e3a16b1812ac8e084455ef16df9c3f14e84ea
SHA256

a4d931fbb00fb0fffa918d55fbf07ecd0d7cde4aa50cdfb090219be511984eb7
SHA512

6e08f1095c49a692d56e8d616404cedee2eb6307e9bcad5e78cbe9f3e14c7d45b3a9adffac50639542a356517576e0a0c09af57986d25b81fe8ae2c773550919
SSDEEP

768:OsM0nrRWlzYk87LlB4Pok7D+ms76lw2cBlN+BJZZ4/dovCFM39Rot7sT9PTUM5ip:ZMdUk87LlB4QjKw2cMWpO6q4

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  3c237aefeb4f8142e3620896878b6143.exe
- Size
  
  72KB
- MD5
  
  3c237aefeb4f8142e3620896878b6143
- SHA1
  
  285e3a16b1812ac8e084455ef16df9c3f14e84ea
- SHA256
  
  a4d931fbb00fb0fffa918d55fbf07ecd0d7cde4aa50cdfb090219be511984eb7
- SHA512
  
  6e08f1095c49a692d56e8d616404cedee2eb6307e9bcad5e78cbe9f3e14c7d45b3a9adffac50639542a356517576e0a0c09af57986d25b81fe8ae2c773550919
- SSDEEP
  
  768:OsM0nrRWlzYk87LlB4Pok7D+ms76lw2cBlN+BJZZ4/dovCFM39Rot7sT9PTUM5ip:ZMdUk87LlB4QjKw2cMWpO6q4
Score

10^/10

evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Replication Through Removable Media

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Replication Through Removable Media

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2