52d665d2669d15a8752a35d3ca95ee39d414f4efc7ef8b11911351001b0e5b9f | Triage

Sharing

General

Target

94089be88986618b7be913ee8b0d8a67.bin
Size

33.0MB
Sample

240516-dffwsshc5y
MD5

328eb0a7b0c00a0f7845f2b665f2cb73
SHA1

267c6c753c3f6933fe575c9b0507129bd1caa1d0
SHA256

52d665d2669d15a8752a35d3ca95ee39d414f4efc7ef8b11911351001b0e5b9f
SHA512

a0405e6cccb0927e7c95e81d220c1d69ef785a82757714aa8799e67c8cd6507d4adbf43a0164b3f609b2a124cbda2a75685fed3e2fbcecbb37cdc65107884dbb
SSDEEP

786432:yu74LWps9aZTWf3kSVQyvrzZBrOdikgRMhm8JuF5uA4iisa:T7Z0mnyzzZBrOdH4SNu/sii7

Score

6^/10

execution

Malware Config

Targets

- Target
  
  bbb45077f52c14bda8e240fc2e94e36efc1d45c24a40f51a4ed7f506126d4c36.msi
- Size
  
  35.0MB
- MD5
  
  94089be88986618b7be913ee8b0d8a67
- SHA1
  
  377ecca72bbdf278cb2a15531188e14eb59145e4
- SHA256
  
  bbb45077f52c14bda8e240fc2e94e36efc1d45c24a40f51a4ed7f506126d4c36
- SHA512
  
  84d0ec6948a1f511bfe0d25af19cb015ee1efe4351706f15587aee56f45e3a91abc4f40a0f3e8894deaf789deb04b46135deeba20c4a34dfec08d595e2b71987
- SSDEEP
  
  786432:Ilk27h2QVu9cCct5rB9rIX9gW6cnzELhEe2x53gp2KM:IlfA+ptO2Cnne2xU2
Score

6^/10

execution
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2