0dddc378582f23131f7b46485cd61dcffd4feea4e2004507abd46bc69717fae8 | Triage

Sharing

General

Target

0dddc378582f23131f7b46485cd61dcffd4feea4e2004507abd46bc69717fae8
Size

2.4MB
Sample

240913-agxn6atere
MD5

52c10c34c1e47e862ae7be4e0700881e
SHA1

382a5d38e1b877f4a755d2773ec82381be5cf258
SHA256

0dddc378582f23131f7b46485cd61dcffd4feea4e2004507abd46bc69717fae8
SHA512

61482832a81b723c1b26d227368d6011b0ad969aa6aa7453f26132e706c6990ba12045e99d1ffe6d453acaf3558990ea9715b5563cc6ffd83a60d3f80c7226d8
SSDEEP

24576:x2Jyxd4VR7of2SI8LUlFl5FpW2Jyxt4VR7of2SI8LUlFl5FpA:Akny5smcY/pk3y5smcY/A

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  0dddc378582f23131f7b46485cd61dcffd4feea4e2004507abd46bc69717fae8
- Size
  
  2.4MB
- MD5
  
  52c10c34c1e47e862ae7be4e0700881e
- SHA1
  
  382a5d38e1b877f4a755d2773ec82381be5cf258
- SHA256
  
  0dddc378582f23131f7b46485cd61dcffd4feea4e2004507abd46bc69717fae8
- SHA512
  
  61482832a81b723c1b26d227368d6011b0ad969aa6aa7453f26132e706c6990ba12045e99d1ffe6d453acaf3558990ea9715b5563cc6ffd83a60d3f80c7226d8
- SSDEEP
  
  24576:x2Jyxd4VR7of2SI8LUlFl5FpW2Jyxt4VR7of2SI8LUlFl5FpA:Akny5smcY/pk3y5smcY/A
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence