5a2b97d8ded2fc70a3cc4c767a4e4e44337e2e0ef1440c1608dda3f87d436f06 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b7be221d96dddd3ca71f41bb0c268b12
Size

27KB
Sample

240306-swkbgscb6x
MD5

b7be221d96dddd3ca71f41bb0c268b12
SHA1

5829f0b4a7cc162dce361d60314b39ee6cbaea22
SHA256

5a2b97d8ded2fc70a3cc4c767a4e4e44337e2e0ef1440c1608dda3f87d436f06
SHA512

8ce7b791b71f0b4c6cc5245da9a6c428d8ff0328fe662415dec2d5daa7dac1cc88d57fb397cc4ba73ea97d88758c1049ad8ef8b0c14ee27cf7479a1defc37d77
SSDEEP

768:LrXJcX8W8qBQEF/kRRJsnhjQcBwsJvNs5gxxTOiR:LrXS1iAEunhQcZsyxS6

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  b7be221d96dddd3ca71f41bb0c268b12
- Size
  
  27KB
- MD5
  
  b7be221d96dddd3ca71f41bb0c268b12
- SHA1
  
  5829f0b4a7cc162dce361d60314b39ee6cbaea22
- SHA256
  
  5a2b97d8ded2fc70a3cc4c767a4e4e44337e2e0ef1440c1608dda3f87d436f06
- SHA512
  
  8ce7b791b71f0b4c6cc5245da9a6c428d8ff0328fe662415dec2d5daa7dac1cc88d57fb397cc4ba73ea97d88758c1049ad8ef8b0c14ee27cf7479a1defc37d77
- SSDEEP
  
  768:LrXJcX8W8qBQEF/kRRJsnhjQcBwsJvNs5gxxTOiR:LrXS1iAEunhQcZsyxS6
Score

8^/10

persistence
- Sets file execution options in registry
  persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2