c060fda52cb84148ca17162d2417f9608056e3ebafd92668c7e06b4025974ceb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c060fda52cb84148ca17162d2417f9608056e3ebafd92668c7e06b4025974ceb
Size

461KB
Sample

240405-ayw4ysff99
MD5

04e49326f38f4331747216b977667e99
SHA1

f379f669f764e05eeffd96dcca884b9e8df7ea20
SHA256

c060fda52cb84148ca17162d2417f9608056e3ebafd92668c7e06b4025974ceb
SHA512

69c720772d71a53dae7db7ee6c4ff9c88c0fadd882fd54915c02da1107327e35211279ff0d68428ccea9aa073b25aea6827988a7a62d4ab6f2a1578539281b7b
SSDEEP

12288:28y8eC5pN/5+LpNq+m+THu0++m+m+m+y/tcN:Q8eCF/GHu00tcN

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  c060fda52cb84148ca17162d2417f9608056e3ebafd92668c7e06b4025974ceb
- Size
  
  461KB
- MD5
  
  04e49326f38f4331747216b977667e99
- SHA1
  
  f379f669f764e05eeffd96dcca884b9e8df7ea20
- SHA256
  
  c060fda52cb84148ca17162d2417f9608056e3ebafd92668c7e06b4025974ceb
- SHA512
  
  69c720772d71a53dae7db7ee6c4ff9c88c0fadd882fd54915c02da1107327e35211279ff0d68428ccea9aa073b25aea6827988a7a62d4ab6f2a1578539281b7b
- SSDEEP
  
  12288:28y8eC5pN/5+LpNq+m+THu0++m+m+m+y/tcN:Q8eCF/GHu00tcN
Score

8^/10

persistence
- Drops file in Drivers directory
- Sets service image path in registry
  persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2