efb54a6f9338338f3c5aca707493cd12767601e70a884274064de1f7e7a2a05f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

521f13ce6190908b59054b27c7d56c77
Size

59KB
Sample

240111-bdz6jsbedr
MD5

521f13ce6190908b59054b27c7d56c77
SHA1

2395cf93f783b23bd37c5f9c961dcf921c4385b9
SHA256

efb54a6f9338338f3c5aca707493cd12767601e70a884274064de1f7e7a2a05f
SHA512

4cdd69e54bd4cded5e73563a4b1e9ec80229757babf62519d8b2caabc6e3c5c25070dac84f8da3fb93677cd509fe32237e1a036d0c72b7314f182cb12103357f
SSDEEP

768:BEUs8t2aMubzpMj3Rmc+vhkKj9AOQMgfxdA9UBmIk4DI8RY3fZ1vthi80pfH/5:pL2aMpMcQhHFQzdA6nDzYRhiTt

Score

7^/10

Malware Config

Targets

- Target
  
  521f13ce6190908b59054b27c7d56c77
- Size
  
  59KB
- MD5
  
  521f13ce6190908b59054b27c7d56c77
- SHA1
  
  2395cf93f783b23bd37c5f9c961dcf921c4385b9
- SHA256
  
  efb54a6f9338338f3c5aca707493cd12767601e70a884274064de1f7e7a2a05f
- SHA512
  
  4cdd69e54bd4cded5e73563a4b1e9ec80229757babf62519d8b2caabc6e3c5c25070dac84f8da3fb93677cd509fe32237e1a036d0c72b7314f182cb12103357f
- SSDEEP
  
  768:BEUs8t2aMubzpMj3Rmc+vhkKj9AOQMgfxdA9UBmIk4DI8RY3fZ1vthi80pfH/5:pL2aMpMcQhHFQzdA6nDzYRhiTt
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Replication Through Removable Media

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Replication Through Removable Media

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2