a4377bd5c2fdb74863a5ad6c5f9e51db8cf52f7b32530868c462be9009e9c0c3 | Triage

Resubmissions

28/02/2024, 11:32

240228-nndfraae7w 1

28/02/2024, 11:29

240228-nlmxeaad56 6

28/02/2024, 11:25

240228-njqwaaac93 6

28/02/2024, 11:20

240228-nfph2sad2t 6

Sharing

General

Target

CRRuntime_32bit_13_0_4.msi
Size

71.9MB
Sample

240228-nfph2sad2t
MD5

1e6fa29cf45d4cc9046cc23e649ca33b
SHA1

99aeaf2da401ae17b3adfbb93eb05e672ff72ace
SHA256

a4377bd5c2fdb74863a5ad6c5f9e51db8cf52f7b32530868c462be9009e9c0c3
SHA512

5c5c54d3a452650ff7bf39cee6a80868054a6ef66630c3c400c7b92436fbc5816e3baf825047bebe7d135df7f48ecaa60ce5e941fdac401dcba3c92491326193
SSDEEP

1572864:oVxe3hcf+RAHGgWAny5ADYJmYFGKYkNrWsaLg1plL:phcfAAHodJXGKr1WsOg1

Score

6^/10

Malware Config

Targets

- Target
  
  CRRuntime_32bit_13_0_4.msi
- Size
  
  71.9MB
- MD5
  
  1e6fa29cf45d4cc9046cc23e649ca33b
- SHA1
  
  99aeaf2da401ae17b3adfbb93eb05e672ff72ace
- SHA256
  
  a4377bd5c2fdb74863a5ad6c5f9e51db8cf52f7b32530868c462be9009e9c0c3
- SHA512
  
  5c5c54d3a452650ff7bf39cee6a80868054a6ef66630c3c400c7b92436fbc5816e3baf825047bebe7d135df7f48ecaa60ce5e941fdac401dcba3c92491326193
- SSDEEP
  
  1572864:oVxe3hcf+RAHGgWAny5ADYJmYFGKYkNrWsaLg1plL:phcfAAHodJXGKr1WsOg1
Score

6^/10
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1