c93807cb980d1ab8537fe4aef9fde96d7d311a9c70139e4f1e5b2177f6e3d029 | Triage

Sharing

General

Target

c93807cb980d1ab8537fe4aef9fde96d7d311a9c70139e4f1e5b2177f6e3d029
Size

863KB
Sample

240427-z3pccagf45
MD5

20c4724227569c4062c5427a63148fd9
SHA1

b7138eed431623138cb6a221862e7471d06c2514
SHA256

c93807cb980d1ab8537fe4aef9fde96d7d311a9c70139e4f1e5b2177f6e3d029
SHA512

f95d59ca3e5ded9235fa0eb4de58fe578cb0f5a45486df01e285c21439fbfdf9926742a11d3307cd7e99c7d22aa6c265b0af7176651d1a4b170079d93b83cc99
SSDEEP

24576:N7qBaIjnT6k9lPBtwC7KEg6hMLFMGyY9xSOsZ9T74yU6F:N7qsI/lPBqC7KKYFB+ZJ7L

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  c93807cb980d1ab8537fe4aef9fde96d7d311a9c70139e4f1e5b2177f6e3d029
- Size
  
  863KB
- MD5
  
  20c4724227569c4062c5427a63148fd9
- SHA1
  
  b7138eed431623138cb6a221862e7471d06c2514
- SHA256
  
  c93807cb980d1ab8537fe4aef9fde96d7d311a9c70139e4f1e5b2177f6e3d029
- SHA512
  
  f95d59ca3e5ded9235fa0eb4de58fe578cb0f5a45486df01e285c21439fbfdf9926742a11d3307cd7e99c7d22aa6c265b0af7176651d1a4b170079d93b83cc99
- SSDEEP
  
  24576:N7qBaIjnT6k9lPBtwC7KEg6hMLFMGyY9xSOsZ9T74yU6F:N7qsI/lPBqC7KKYFB+ZJ7L
Score

8^/10

persistence
- Drops file in Drivers directory
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2