aeb36aa6d3eb358179aede6e745ed1079e5e358021ba7a2067780f94525fadb2 | Triage

Resubmissions

03/05/2024, 19:40

240503-ydhb3adh4v 6

03/05/2024, 19:38

240503-ychw7sdh21 6

03/05/2024, 19:28

240503-x639kagf87 6

Sharing

General

Target

Zulu2021_x64_ru.msi
Size

206.4MB
Sample

240503-x639kagf87
MD5

e260569b5a0e6f095e05ce8dac46db99
SHA1

2649b0409a76e8552b995597bf2a166812b4be23
SHA256

aeb36aa6d3eb358179aede6e745ed1079e5e358021ba7a2067780f94525fadb2
SHA512

d2629ee23c5351f36feafb466ac870797140722d05d79f9891fc46e491dff8d650130e7772dd998e85c0092bc5f7bc34674c5e5e6135e31227e2b214bae0196f
SSDEEP

6291456:sze6qDEqmeopAntDHavQPkhNjK02C5uQN6E:szehER7poD6IMhNO78uQN

Score

6^/10

Malware Config

Targets

- Target
  
  Zulu2021_x64_ru.msi
- Size
  
  206.4MB
- MD5
  
  e260569b5a0e6f095e05ce8dac46db99
- SHA1
  
  2649b0409a76e8552b995597bf2a166812b4be23
- SHA256
  
  aeb36aa6d3eb358179aede6e745ed1079e5e358021ba7a2067780f94525fadb2
- SHA512
  
  d2629ee23c5351f36feafb466ac870797140722d05d79f9891fc46e491dff8d650130e7772dd998e85c0092bc5f7bc34674c5e5e6135e31227e2b214bae0196f
- SSDEEP
  
  6291456:sze6qDEqmeopAntDHavQPkhNjK02C5uQN6E:szehER7poD6IMhNO78uQN
Score

6^/10
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1