0c85ad7c56d1675c13d1cdfdee4106fcd5ccf287829012004edcede8f1a80269 | Triage

Sharing

General

Target

CFE.SERV.ELECTRICO.NFGCCأ.msi
Size

12.7MB
Sample

240311-satb9sde9t
MD5

7873e07921ab6821c7aa6f265e0db19a
SHA1

fefe5273a04bb1c415c1e9c9219690276c329f74
SHA256

0c85ad7c56d1675c13d1cdfdee4106fcd5ccf287829012004edcede8f1a80269
SHA512

f5aabd7885c9a1a39144feadc93528c5af5dac6d814f8cd104e5333a81cf244c38b6171532eede5ad1e7729016774add9f5099556ed980552294272490b6a34f
SSDEEP

393216:dZ1NhvRhX8RV+Iyw9zR3UlHtxTvwKXIE5glciKXrfBkuumH/h8h:fBd8h

Score

6^/10

Malware Config

Targets

- Target
  
  CFE.SERV.ELECTRICO.NFGCCأ.msi
- Size
  
  12.7MB
- MD5
  
  7873e07921ab6821c7aa6f265e0db19a
- SHA1
  
  fefe5273a04bb1c415c1e9c9219690276c329f74
- SHA256
  
  0c85ad7c56d1675c13d1cdfdee4106fcd5ccf287829012004edcede8f1a80269
- SHA512
  
  f5aabd7885c9a1a39144feadc93528c5af5dac6d814f8cd104e5333a81cf244c38b6171532eede5ad1e7729016774add9f5099556ed980552294272490b6a34f
- SSDEEP
  
  393216:dZ1NhvRhX8RV+Iyw9zR3UlHtxTvwKXIE5glciKXrfBkuumH/h8h:fBd8h
Score

6^/10
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2