7954b4511e27c695f44746ee2e13ca271fd06e0b0980d61bd3ad44c67a5dccb2 | Triage

Sharing

General

Target

7954b4511e27c695f44746ee2e13ca271fd06e0b0980d61bd3ad44c67a5dccb2
Size

2.4MB
Sample

240417-ta8bvsga7v
MD5

db23e834c302bf816463a0034a483ce8
SHA1

c340ad6e44cf98552cb571af96aacf963c7b1533
SHA256

7954b4511e27c695f44746ee2e13ca271fd06e0b0980d61bd3ad44c67a5dccb2
SHA512

3d571ca56139d630ff0926cc339cda2f3711eaba39e7306551ff8ad04e9648ac8d7006974ceb4f48b7b6f87fa7440023c6b5c36d029c3dcb8a73a0d8fa59df41
SSDEEP

49152:A7OOjalY3ltML4asGrjV4xxSutFXoVMNhWN4N2nwCGi6NzwMsTxiW0C5b+:fcalY3lSrV4xxSubVq6c9cF1X

Score

7^/10

Malware Config

Targets

- Target
  
  7954b4511e27c695f44746ee2e13ca271fd06e0b0980d61bd3ad44c67a5dccb2
- Size
  
  2.4MB
- MD5
  
  db23e834c302bf816463a0034a483ce8
- SHA1
  
  c340ad6e44cf98552cb571af96aacf963c7b1533
- SHA256
  
  7954b4511e27c695f44746ee2e13ca271fd06e0b0980d61bd3ad44c67a5dccb2
- SHA512
  
  3d571ca56139d630ff0926cc339cda2f3711eaba39e7306551ff8ad04e9648ac8d7006974ceb4f48b7b6f87fa7440023c6b5c36d029c3dcb8a73a0d8fa59df41
- SSDEEP
  
  49152:A7OOjalY3ltML4asGrjV4xxSutFXoVMNhWN4N2nwCGi6NzwMsTxiW0C5b+:fcalY3lSrV4xxSubVq6c9cF1X
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Checks system information in the registry
  System information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2