1035bbebbbf65eab9682bfe42d4a19e11ee662e009fe7ab5f4e029d0f87acb45 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

588a8894f4199784a7a93c9055d0c104
Size

130KB
Sample

240113-k5w3msfefk
MD5

588a8894f4199784a7a93c9055d0c104
SHA1

92a8ade25f6bb8108070ff6d599cdb8ae96cc84c
SHA256

1035bbebbbf65eab9682bfe42d4a19e11ee662e009fe7ab5f4e029d0f87acb45
SHA512

9c5f79131e9817ec0b6cad01268f9483ce5e93811875c6f17ed00213deb1b5e59f6806ddf6d73178501d42d3bddd8276eb1a37437b93b9637ab7bb34ccd46aa1
SSDEEP

3072:aWu2GLDjKwrpnyZz9lwrtzQRJUELBrrcUn:Khy+xMRJUIBrrcUn

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  588a8894f4199784a7a93c9055d0c104
- Size
  
  130KB
- MD5
  
  588a8894f4199784a7a93c9055d0c104
- SHA1
  
  92a8ade25f6bb8108070ff6d599cdb8ae96cc84c
- SHA256
  
  1035bbebbbf65eab9682bfe42d4a19e11ee662e009fe7ab5f4e029d0f87acb45
- SHA512
  
  9c5f79131e9817ec0b6cad01268f9483ce5e93811875c6f17ed00213deb1b5e59f6806ddf6d73178501d42d3bddd8276eb1a37437b93b9637ab7bb34ccd46aa1
- SSDEEP
  
  3072:aWu2GLDjKwrpnyZz9lwrtzQRJUELBrrcUn:Khy+xMRJUIBrrcUn
Score

7^/10

persistence
- Deletes itself
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2