50253ed5283391195eb94bad99da45bd3846246293dca0317aec7df36436c48b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ryax_vocal_timesong.wav
Size

8.0MB
Sample

240602-j321fagd78
MD5

100b2442380a5baf73896ea63d238b03
SHA1

6183f8fca5bd95f076dc8d3a184b6b4aa05d9a24
SHA256

50253ed5283391195eb94bad99da45bd3846246293dca0317aec7df36436c48b
SHA512

921bfec51299d91688c9e210abacc0680d0b82816e0b4c783da12f43d00d20883dd7aa43c5d5f99dcc8d5807ebc5fd54d88916246046b3a9b4c85fa9c2ad159b
SSDEEP

196608:qUZ6poqlBDeIVZCvdw8rd2yGh6KUjbHzSY36cM:qUZ6phlB6IDS9dDjXrQ

Score

6^/10

Malware Config

Targets

- Target
  
  ryax_vocal_timesong.wav
- Size
  
  8.0MB
- MD5
  
  100b2442380a5baf73896ea63d238b03
- SHA1
  
  6183f8fca5bd95f076dc8d3a184b6b4aa05d9a24
- SHA256
  
  50253ed5283391195eb94bad99da45bd3846246293dca0317aec7df36436c48b
- SHA512
  
  921bfec51299d91688c9e210abacc0680d0b82816e0b4c783da12f43d00d20883dd7aa43c5d5f99dcc8d5807ebc5fd54d88916246046b3a9b4c85fa9c2ad159b
- SSDEEP
  
  196608:qUZ6poqlBDeIVZCvdw8rd2yGh6KUjbHzSY36cM:qUZ6phlB6IDS9dDjXrQ
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1