5981da840de1f11435516fbee1f1d84f30ae0452285e5080a306b65fe3f39902 | Triage

Sharing

General

Target

5981da840de1f11435516fbee1f1d84f30ae0452285e5080a306b65fe3f39902
Size

29.1MB
Sample

240313-x6hymadg8z
MD5

455d09c663437e9285eb22658461db67
SHA1

37766a5bf553b3dab762f63f978330f4b04461d8
SHA256

5981da840de1f11435516fbee1f1d84f30ae0452285e5080a306b65fe3f39902
SHA512

98c2c88076e7266a1ec7a01de8fd68056e2a888115bc362070d91a68ca86b993c2e243dc8b1fd5581e14c4f05755a3283f1648a7cce784a00eace27fe9fa27b8
SSDEEP

786432:HTEV13T27T8+ZNlwpBdwijPifBagbhiz/XfdXLWXMmFRoMqF1xJ:HTEV13n4NgdwiInFe/xWXMISL

Score

7^/10

Malware Config

Targets

- Target
  
  5981da840de1f11435516fbee1f1d84f30ae0452285e5080a306b65fe3f39902
- Size
  
  29.1MB
- MD5
  
  455d09c663437e9285eb22658461db67
- SHA1
  
  37766a5bf553b3dab762f63f978330f4b04461d8
- SHA256
  
  5981da840de1f11435516fbee1f1d84f30ae0452285e5080a306b65fe3f39902
- SHA512
  
  98c2c88076e7266a1ec7a01de8fd68056e2a888115bc362070d91a68ca86b993c2e243dc8b1fd5581e14c4f05755a3283f1648a7cce784a00eace27fe9fa27b8
- SSDEEP
  
  786432:HTEV13T27T8+ZNlwpBdwijPifBagbhiz/XfdXLWXMmFRoMqF1xJ:HTEV13n4NgdwiInFe/xWXMISL
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2