09a815c0efaf8d1d0053e18d2a4a261d02dcff4c14b538183484697fd28cdfb7 | Triage

Sharing

General

Target

09a815c0efaf8d1d0053e18d2a4a261d02dcff4c14b538183484697fd28cdfb7
Size

3.1MB
Sample

240912-qbnr3awdpn
MD5

94698d7b5f27ddd05aafdb97e8c0c741
SHA1

e2b1ab1a159486371c5b884a47008c5b321c9a2b
SHA256

09a815c0efaf8d1d0053e18d2a4a261d02dcff4c14b538183484697fd28cdfb7
SHA512

91d37c95dd41d1862591a892bbb913a6a0d674332eb4e0b2a3db6f7853a663ad9043c14adbb012e0263b83cad9821bfd8a4290721a4c32a120a986a8ab39eee4
SSDEEP

49152:AkMy5sGj+Cq99LyHHI+t6O8N+ailEy6dmpzeioK2enVzG1nkyW:AkMy5s70oAaldmdmnpW

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  09a815c0efaf8d1d0053e18d2a4a261d02dcff4c14b538183484697fd28cdfb7
- Size
  
  3.1MB
- MD5
  
  94698d7b5f27ddd05aafdb97e8c0c741
- SHA1
  
  e2b1ab1a159486371c5b884a47008c5b321c9a2b
- SHA256
  
  09a815c0efaf8d1d0053e18d2a4a261d02dcff4c14b538183484697fd28cdfb7
- SHA512
  
  91d37c95dd41d1862591a892bbb913a6a0d674332eb4e0b2a3db6f7853a663ad9043c14adbb012e0263b83cad9821bfd8a4290721a4c32a120a986a8ab39eee4
- SSDEEP
  
  49152:AkMy5sGj+Cq99LyHHI+t6O8N+ailEy6dmpzeioK2enVzG1nkyW:AkMy5s70oAaldmdmnpW
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence