b4661adcd4f1a037346037efa829293b00d976c56bccc683c423e3a93a8da881 | Triage

Sharing

General

Target

b4661adcd4f1a037346037efa829293b00d976c56bccc683c423e3a93a8da881.exe
Size

25KB
Sample

240530-bwa95sae54
MD5

0446fd1ab00e877ee83132179991399f
SHA1

b5aa6b4e37a9ae8737968940566db92ce10f15d2
SHA256

b4661adcd4f1a037346037efa829293b00d976c56bccc683c423e3a93a8da881
SHA512

f6a5aaa24535f519fe5f620d332bcfa963d246f31ab02420db5e5a8e46bcd255d4d9e57416c2f703061145e4199ef8f52e0867423a3adc581dc0cb4abf5b4865
SSDEEP

768:QEHP8+0Vfgno6zSKXqyfM41v1lbVxfgm3HrdA:QEHP8+01gVRzfX3y

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  b4661adcd4f1a037346037efa829293b00d976c56bccc683c423e3a93a8da881.exe
- Size
  
  25KB
- MD5
  
  0446fd1ab00e877ee83132179991399f
- SHA1
  
  b5aa6b4e37a9ae8737968940566db92ce10f15d2
- SHA256
  
  b4661adcd4f1a037346037efa829293b00d976c56bccc683c423e3a93a8da881
- SHA512
  
  f6a5aaa24535f519fe5f620d332bcfa963d246f31ab02420db5e5a8e46bcd255d4d9e57416c2f703061145e4199ef8f52e0867423a3adc581dc0cb4abf5b4865
- SSDEEP
  
  768:QEHP8+0Vfgno6zSKXqyfM41v1lbVxfgm3HrdA:QEHP8+01gVRzfX3y
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
  discovery
- Use of msiexec (install) with remote resource
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2