0ec85f6a6bb52fb811d619c1e6654063cad6d6c0a9c2517263e559f85da72ad9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ec85f6a6bb52fb811d619c1e6654063cad6d6c0a9c2517263e559f85da72ad9
Size

227KB
Sample

240421-nerxsahf86
MD5

1a2380fe5b0204aff9cd388123894a58
SHA1

1ca17ec8b432f4d4ac3709b5b438e3bcb28a1abb
SHA256

0ec85f6a6bb52fb811d619c1e6654063cad6d6c0a9c2517263e559f85da72ad9
SHA512

a0ddb2a15ab532635931ac744ea5529a35776f54db8ff59cfb319bbdd34d71a66d4203d51602d8878449cc0b5150a1584da8dc779ed1c92011270bb0f59cd578
SSDEEP

3072:pxkuJVLUdeKzC/lzMPySe8DnpeIPipoHbKvXWXz9LRnsaJUS+6wPXD3fxNW7gq5n:YuJWdeKzC/leySe8AIqpoHbnDns1ND9m

Score

7^/10

Malware Config

Targets

- Target
  
  0ec85f6a6bb52fb811d619c1e6654063cad6d6c0a9c2517263e559f85da72ad9
- Size
  
  227KB
- MD5
  
  1a2380fe5b0204aff9cd388123894a58
- SHA1
  
  1ca17ec8b432f4d4ac3709b5b438e3bcb28a1abb
- SHA256
  
  0ec85f6a6bb52fb811d619c1e6654063cad6d6c0a9c2517263e559f85da72ad9
- SHA512
  
  a0ddb2a15ab532635931ac744ea5529a35776f54db8ff59cfb319bbdd34d71a66d4203d51602d8878449cc0b5150a1584da8dc779ed1c92011270bb0f59cd578
- SSDEEP
  
  3072:pxkuJVLUdeKzC/lzMPySe8DnpeIPipoHbKvXWXz9LRnsaJUS+6wPXD3fxNW7gq5n:YuJWdeKzC/leySe8AIqpoHbnDns1ND9m
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2