132b407090ee6245110b77bee17447e2c700a3b06deffa55a0fd1605691cd17b | Triage

Sharing

General

Target

DFC.530.msi
Size

21.6MB
Sample

240531-tmn4radf3v
MD5

29bd31f6b73955c2d4891c80b57cdc38
SHA1

dd5b1caa91025f847377bcbcd15e537649e605e4
SHA256

132b407090ee6245110b77bee17447e2c700a3b06deffa55a0fd1605691cd17b
SHA512

f2160db5ed7138de7b50dbc0e71b07741a443abb10f55213053fa3fa7c0b388065f064b6e78b179f38a1738c44a878df444c04da40c655977e4d307f73dd416b
SSDEEP

196608:Snv1sPXIIh4hez5nU65YEdrZU0n/34c2p1SFWZ+fMh5AQeF:SnvHIqhi5nd2Arj34fbCWZ+fMDze

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  DFC.530.msi
- Size
  
  21.6MB
- MD5
  
  29bd31f6b73955c2d4891c80b57cdc38
- SHA1
  
  dd5b1caa91025f847377bcbcd15e537649e605e4
- SHA256
  
  132b407090ee6245110b77bee17447e2c700a3b06deffa55a0fd1605691cd17b
- SHA512
  
  f2160db5ed7138de7b50dbc0e71b07741a443abb10f55213053fa3fa7c0b388065f064b6e78b179f38a1738c44a878df444c04da40c655977e4d307f73dd416b
- SSDEEP
  
  196608:Snv1sPXIIh4hez5nU65YEdrZU0n/34c2p1SFWZ+fMh5AQeF:SnvHIqhi5nd2Arj34fbCWZ+fMDze
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2