496452d080c52873f8332b2ea142a9a89dbd4391696149d0fb3f2464a30cd2eb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

496452d080c52873f8332b2ea142a9a89dbd4391696149d0fb3f2464a30cd2eb
Size

106KB
Sample

240802-1qxzds1hlr
MD5

bfcd9e7bb870b2b2d46d56d236145418
SHA1

723cf1794b4380ba67de8d3fb14a1166d79275d8
SHA256

496452d080c52873f8332b2ea142a9a89dbd4391696149d0fb3f2464a30cd2eb
SHA512

457a60a1b174b1074b4660b0be4f45db6314befa61a87dd16e6f17b803d6e9095d89572d3e6b94d524152af64cbd4522d533f9c81e1b088bc5c187d37b3aa3af
SSDEEP

1536:TfgLdQAQfcfymNr92jcQoXh3zlNEx3nRf4EXtEZ/rL5mAK3N:TftffjmNrYAQWhjlNEx3nJzmrL5DSN

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  496452d080c52873f8332b2ea142a9a89dbd4391696149d0fb3f2464a30cd2eb
- Size
  
  106KB
- MD5
  
  bfcd9e7bb870b2b2d46d56d236145418
- SHA1
  
  723cf1794b4380ba67de8d3fb14a1166d79275d8
- SHA256
  
  496452d080c52873f8332b2ea142a9a89dbd4391696149d0fb3f2464a30cd2eb
- SHA512
  
  457a60a1b174b1074b4660b0be4f45db6314befa61a87dd16e6f17b803d6e9095d89572d3e6b94d524152af64cbd4522d533f9c81e1b088bc5c187d37b3aa3af
- SSDEEP
  
  1536:TfgLdQAQfcfymNr92jcQoXh3zlNEx3nRf4EXtEZ/rL5mAK3N:TftffjmNrYAQWhjlNEx3nJzmrL5DSN
Score

8^/10

discovery persistence
- Boot or Logon Autostart Execution: Port Monitors
  Adversaries may use port monitors to run an adversary supplied DLL during system boot for persistence or privilege escalation.
  persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Port Monitors

Privilege Escalation

Boot or Logon Autostart Execution

Port Monitors

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence