cb40c3bfb30bc6869e734855047ddae5d154e18039b44a60ccd31ffa097819d9 | Triage

Resubmissions

28/07/2024, 17:00

240728-vjge6steln 10

22/07/2024, 16:23

240722-tv3xwawepa 6

Sharing

Copy URL Twitter E-mail

General

Target

win_X64-telegram-TG-zwb5.09.zip
Size

155.0MB
Sample

240722-tv3xwawepa
MD5

96391ec2092cf74503f0140b38c5d740
SHA1

b8a48b7c6bf91745acdf9bd170d8e289108ec159
SHA256

cb40c3bfb30bc6869e734855047ddae5d154e18039b44a60ccd31ffa097819d9
SHA512

745b2e2bbe901ce7134a86a493a7c112c125656ee37eec048c3b6b9cd5cf7164a675471ca1e81d754cf1c710665b93886154d45543fadc67ce4070275ed1c96a
SSDEEP

3145728:3WmQwEsbDMGhmaqKruPv2KsLPDt0CktwIjwiQioNGQf5oO9AEtWgbGB4Mp:vQbeYGh1AvTRCktwIjxQN3f5X9TMp

Score

6^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  win_X64-telegram-TG-zwb5.09.msi
- Size
  
  164.6MB
- MD5
  
  bfd853887c3659dc5557a0d09f297fc0
- SHA1
  
  6a562b35866ebe1206d7888cfc44f2ca1e298eb4
- SHA256
  
  171f1309de5725a5d316c9d2eb4f0297db517f3e1dd6d63f2ae261cf8f1c682d
- SHA512
  
  f3ec0dc0d55e4f810e4fedde3dc145570a11a4405c386342fdbdd0668ce8e85bfe2f7fddc57d0fbacc23db4c5caa3b4bc0c35461f9515f294677bcbdaec47aac
- SSDEEP
  
  3145728:0IzwNfgZ8c0BQRxs3llGocUFhsjqUAFCRwJMJGljRJAczsFgeeV6wlPEDq05iAdX:0+8lQ0VlFYWJJMJGlj7naFeVxl8DU2
Score

6^/10

discovery persistence privilege_escalation
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Installer Packages

Privilege Escalation

Event Triggered Execution

Installer Packages

Defense Evasion

System Binary Proxy Execution

Msiexec

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation