0893966473603deecbbfc6afa54aff221c12442840506bdbe7b99e688e27fac9 | Triage

Sharing

General

Target

d95ca69045ee6c82c627dc8df9d862a4.bin
Size

7.9MB
Sample

240124-elfcwsaagr
MD5

d95ca69045ee6c82c627dc8df9d862a4
SHA1

cc4f1c221d62c7480a732a5ed33f66f0fbe5c871
SHA256

0893966473603deecbbfc6afa54aff221c12442840506bdbe7b99e688e27fac9
SHA512

acc5d781b803e34a7a8f8edda150bce0de0b0a31b4cfa82ca142460faf835d8cf9d297b236b0a8ae44b9c94184643b8bda5e2cd783b522eeb321c5f3bce9cee4
SSDEEP

196608:jgVzBx4Ei4XNCud3TT+iYKJ+OkkKsmodF8bx:s94AXjT61K8O1Ksmob8b

Score

6^/10

Malware Config

Targets

- Target
  
  d95ca69045ee6c82c627dc8df9d862a4.bin
- Size
  
  7.9MB
- MD5
  
  d95ca69045ee6c82c627dc8df9d862a4
- SHA1
  
  cc4f1c221d62c7480a732a5ed33f66f0fbe5c871
- SHA256
  
  0893966473603deecbbfc6afa54aff221c12442840506bdbe7b99e688e27fac9
- SHA512
  
  acc5d781b803e34a7a8f8edda150bce0de0b0a31b4cfa82ca142460faf835d8cf9d297b236b0a8ae44b9c94184643b8bda5e2cd783b522eeb321c5f3bce9cee4
- SSDEEP
  
  196608:jgVzBx4Ei4XNCud3TT+iYKJ+OkkKsmodF8bx:s94AXjT61K8O1Ksmob8b
Score

6^/10
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2