ebb825664642befb034e02fdac2c2ed618f2832e563f1380f8f02e738e477345 | Triage

Resubmissions

11/01/2024, 04:17

240111-ewj4tsfcf9 7

11/01/2024, 04:09

240111-eq4laafbg6 7

10/01/2024, 02:48

240110-darq4scdbn 7

10/01/2024, 02:33

240110-c2bcrscbfl 7

10/01/2024, 02:10

240110-cls8msdaf5 1

10/01/2024, 01:31

240110-bxfw1scec5 1

Sharing

General

Target

mal.zip
Size

4.5MB
Sample

240110-c2bcrscbfl
MD5

15a36183a2d2c4a43f7f203548fbcb04
SHA1

3ce2a3904eeef714abec465b55a0c20f6e47b079
SHA256

ebb825664642befb034e02fdac2c2ed618f2832e563f1380f8f02e738e477345
SHA512

67325d485999e25cbe1c31162af5f3f081de3a22b15cd7b79470c20276a4fb299762835d94e7a4ffa4756b41df9eba7d692d84d455d7645e5e09386a09b18e4f
SSDEEP

98304:pOA4lR+FGuh9N2fQdB9ySsivCYOxSeWs10MS9UVmpLhVGQvnUQqy5H+:pSR+FGugfQdB9vlvChWmdS9U2LHFZF+

Score

7^/10

Malware Config

Targets

- Target
  
  DHGVD67JH-7DVCJ7HF-E7CLJHE7YH-E67FBHCH-7992643.msi
- Size
  
  11.8MB
- MD5
  
  4faefc4fd0cb60e39b50f24d417d453d
- SHA1
  
  5414e5171126b1d768a5089feab1425a46b353b7
- SHA256
  
  90f0c48a16ae8cb125786333c748af1c91bcf114246c0d3757095f4ea40a00f1
- SHA512
  
  654b2636594ac7f135fbf282b967505f5d4c85a13c82dd06139a758c34edad6d0afe9c55640d251bffe403f5422004b1c89fc85265e2c24efa1887c78eb3446e
- SSDEEP
  
  98304:Kt65C+m9gSNTWV2Ppyi/+/F2ZDALVwetabp3OHX4y9rffffffffffffffffffff8:Kt6Ul9gSsVHhqowe0cX4yyOYw/x9
Score

7^/10
- Loads dropped DLL
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1